rileydakota / valheim-ecs-fargate-cdk

AWS CDK/Cloudformation to deploy a Valheim Server using ECS Fargate!

Question: why aws secret manager #6

Open thomkitchen opened 3 years ago

thomkitchen commented 3 years ago

Hey. First of all, thanks so much this was insanely helpful.

Anyway, I was curious why you were using aws secrets for the server password. It kept throwing errors for me about not being able to pull in the secret to set the password so I ended up removing all those calls and hardcoded it.

Thanks again!

rileydakota commented 3 years ago

Hi there! Thanks for using the solution and reaching out. Re: Why Secrets Manager - it is best practice to remove any credentials from source code, and store them in an external solution such as Secrets Manager, Parameter Store, Hashicorp Vault etc. This allows you to rotate them, and share your source code without accidentally sharing your server password. Very interested in your error - care to share it, as well as the configuration for the secret (Name of the secret, key value pair without your password, etc)? Happy to help troubleshoot and then revise the docs.

rileydakota commented 3 years ago

FWIW - you can reference the workaround by @sdredsoxfan here to bypass the use of a secret - but would only advise doing so IF you are the only one who has access to your source: https://github.com/rileydakota/valheim-ecs-fargate-cdk/issues/9#issuecomment-782906817

thomkitchen commented 3 years ago

Heyo. That's the exact error I was having actually and that's what I ended up doing lol.

As for the secret creation, I used

aws secretsmanager create-secret --name valheimServerPass --secret-string '{"VALHEIM_SERVER_PASS":"mySuperSecurePassword"}'

When I check secrets manager for it, I see an entry named 'valheimServerPass'. When I go to the details and try to retrieve the secret value, I get '{VALHEIM_SERVER_PASS:mySuperSecurePassword}' (edited of course) for plaintext but the key value tab returns an error (The secret value can't be converted to key name and value pairs).

Hope that helps!
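A pre-flight check for the failure described in this comment, added here as an example (not code from the project or from anyone in the thread): it tells the quoted and unquoted secret strings apart, and builds a create-secret command whose JSON survives POSIX shell quoting. The key name and the two sample strings come from the thread; the function names are my own.

```python
# Added example for this issue thread; not part of valheim-ecs-fargate-cdk.
import json
import shlex

REQUIRED_KEY = "VALHEIM_SERVER_PASS"  # key the task definition is expected to reference


def check_secret_string(secret_string: str, required_key: str = REQUIRED_KEY) -> str:
    """Return 'ok' or the reason the Secrets Manager key/value view rejects this string.

    The console's key/value tab (and an ECS valueFrom that names a JSON key) needs a
    JSON object whose values are strings; anything else is only usable as opaque text.
    """
    try:
        parsed = json.loads(secret_string)
    except json.JSONDecodeError:
        return "not valid JSON (quotes stripped by the shell?)"
    if not isinstance(parsed, dict):
        return "JSON is not an object of key/value pairs"
    if not all(isinstance(v, str) for v in parsed.values()):
        return "all values must be strings"
    if required_key not in parsed:
        return f"missing key {required_key!r}"
    return "ok"


def build_create_secret_command(name: str, pairs: dict) -> str:
    """Build a correctly quoted `aws secretsmanager create-secret` command line.

    json.dumps produces the JSON; shlex.quote wraps it in single quotes so a POSIX
    shell passes the inner double quotes through instead of eating them.
    """
    secret_json = json.dumps(pairs)
    return (
        "aws secretsmanager create-secret "
        f"--name {shlex.quote(name)} --secret-string {shlex.quote(secret_json)}"
    )


# Constructed samples: the string from the create-secret call posted above, and the
# value the console showed after the quotes were lost.
GOOD = '{"VALHEIM_SERVER_PASS":"mySuperSecurePassword"}'
BAD = "{VALHEIM_SERVER_PASS:mySuperSecurePassword}"

if __name__ == "__main__":
    for label, value in (("quoted", GOOD), ("unquoted", BAD)):
        print(f"{label}: {check_secret_string(value)}")
    print(build_create_secret_command("valheimServerPass", {REQUIRED_KEY: "<password>"}))
```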

AndyBarnett commented 2 years ago

I too had to make this secret manually on the AWS site instead (filling in the key and value properly) and point the code at that one.