apprunner-roadmap icon indicating copy to clipboard operation
apprunner-roadmap copied to clipboard
verified publisher icon aws

Allow build time secrets injection from AWS Secrets Manager

Open heretogo opened this issue 4 years ago • 5 comments

This is a request to support fetching build time secrets (such as a token to access private libraries) from AWS Secrets Manager and injecting them into the build time environment.

The main alternative I see is to somehow inject the credentials in the build command.

Another solution would be to leverage the instance profile's permissions and then to add some automation in the the Docker entrypoint to fetch the libraries at runtime. This is less ideal because it adds to the service startup time.

It would be nice if this were supported natively in App Runner.

heretogo avatar Jun 07 '21 19:06 heretogo

I think #6 is a different request which is for runtime secrets. This one is secrets for build time to fetch private npm packages for example.

toricls avatar Jul 13 '21 13:07 toricls

I think #6 is a different request which is for runtime secrets. This one is secrets for build time to fetch private npm packages for example.

You are right, sorry for the misunderstood :)

jordi-farre avatar Jul 13 '21 14:07 jordi-farre

I think this is needed for AWS Copilot's "Request Driven Web Services" as well. Feel like this is a major blocker for many people to adopt this service.

ColeDCrawford avatar Sep 23 '21 00:09 ColeDCrawford