[FR] x-rds/x-docdb - Secrets - Allow Task role access to the secret

compose-x / ecs_composex

Manage, Configure and Deploy your services and AWS services and applications from your docker-compose definitions

https://docs.compose-x.io

Mozilla Public License 2.0

160 stars 16 forks source link

[FR] x-rds/x-docdb - Secrets - Allow Task role access to the secret #631

Closed JohnPreston closed 2 years ago

JohnPreston commented 2 years ago

Currently, when creating / lookup with x-rds/x-docdb, the secret is exposed to the destination containers via Secrets.ValueFrom, and permissions granted to the Execution role. One would want an option to also expose the secret ARN to the containers and grant the task role access, so that the dev team can choose which ever they want to get access to.