Support Non-PlainText Secret Format for Container Repository Login #900
Comments
mrgrain
added
enhancement
|
@Bbuff101 Just to clarify, are you only wanting to be able to send a JSON string as credentials or are you wanting JSON support for the SecretsManager Secret? |
Hi @cbentkowski , I would like to pass a secret name or ARN which contains as a secret value the JSON representation of a username and password, similar to how ECS functions to pull containers from a private registry. I do not want to pass the JSON secret value itself into the CDK resource. Does that help? |
|
Ok, similar to the ARN credentials that it already accepts, but the return from the ARN will be JSON formatted text. I've got a JSON parser built, but let me work on detecting JSON string formatted credentials from the ARN and see what I can come up with. |
Yes, thanks, @cbentkowski ! I did see your PR, so if I can be of any additional help, please let me know. |
Hello, we are using this library to copy containers from a private container repository (Artifactory) to AWS ECS. We would like to re-use our existing secrets rather than creating something new for this functionality. Specifically, we already have secrets to allow for ECS to authenticate with a private registry based on the following documentation:
https://docs.aws.amazon.com/AmazonECS/latest/developerguide/private-auth.html
This requires that the secret be a JSON object with "username" and "password" properties. Would it be possible to update the library to support reading a secret of this type, object, rather than plain-text?
{ "username" : "privateRegistryUsername", "password" : "privateRegistryPassword" }The text was updated successfully, but these errors were encountered: