
Export secret name in cloudformation template

I am creating a secret using a Cloudformation template. The problem that I have is that the only value that can be exported is the ARN, using Ref. Is there a way to get the name of the secret? I tried using !GetAtt LogicalIdOfSecret but that doesn't work. The documentation only references the ARN part: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-secretsmanager-secret.html

The AWS::SecretsManager::Secret resource type does not support the GetAtt function. You can only reference it via the Ref function, which returns the ARN.

However, it is possible to split that ARN and get the name in most cases. The ARN structure for Secrets is:

arn:aws:secretsmanager:region:account_id:secret:my_path/my_secret_name-autoid

So the following combination of functions (Select, Split, Ref) gives you the Secret's Name.

"Outputs": {
    "SecretName": {
        "Value": {
            "Fn::Select": [
                "0", {
                    "Fn::Split": [
                        "-", {
                            "Fn::Select": [
                                "6", {
                                    "Fn::Split": [
                                        ":", {
                                            "Ref": "MySecret"
                                        }
                                    ]
                                }
                            ]
                        }
                    ]
                }
            ]
        },
        "Description": "Secret's Name"
    }
}

It works fine except when the secret name includes dashes ('-'), because the split logic is based on the '-' between the name and the autogenerated value.


Reference:

CloudFormation Intrinsic functions
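
The dash limitation described in the answer above, shown as an added example (not code from the original post). It mirrors the template's Split/Select logic in Python and compares it with stripping the hyphen plus six random characters that Secrets Manager appends to the name in the ARN; the function names and sample ARNs are assumptions made for illustration.

```python
import re

# Secrets Manager builds the ARN from the secret name plus a hyphen and six
# random characters, so only that trailing suffix should be removed.
_SUFFIX = re.compile(r"-[A-Za-z0-9]{6}$")


def template_style_name(arn: str) -> str:
    """Mirror the template: Select 0 of Split '-' of (Select 6 of Split ':')."""
    resource = arn.split(":")[6]
    return resource.split("-")[0]


def secret_name_from_arn(arn: str) -> str:
    """Return the secret name, keeping any dashes that belong to the name."""
    parts = arn.split(":", 6)
    if (len(parts) != 7 or parts[0] != "arn"
            or parts[2] != "secretsmanager" or parts[5] != "secret"):
        raise ValueError(f"not a Secrets Manager secret ARN: {arn!r}")
    name, removed = _SUFFIX.subn("", parts[6])
    if removed != 1 or not name:
        raise ValueError(f"ARN has no 6-character suffix: {arn!r}")
    return name


# Constructed sample ARNs (account id and suffixes are made up), mapped to
# the secret name each one was built from.
SAMPLES = {
    "arn:aws:secretsmanager:us-east-1:123456789012:secret:my_path/my_secret_name-AbCdEf":
        "my_path/my_secret_name",
    "arn:aws:secretsmanager:us-east-1:123456789012:secret:prod/db-password-x1Y2z3":
        "prod/db-password",
}

if __name__ == "__main__":
    for arn, expected in SAMPLES.items():
        print(f"expected={expected!r} "
              f"template={template_style_name(arn)!r} "
              f"suffix_strip={secret_name_from_arn(arn)!r}")
```

A wrong name derived this way can point an IAM policy or a consumer stack at a different secret than intended, so the suffix-stripping form is the safer one wherever the name may contain dashes.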
