
get secret from secrets manager returns none | elastic beanstalk | flask

Problem: get_secret() returns none.

Landscape:

AWS provides a template function which works fine locally when I try it out in the terminal.

What I have done:

I added return json.loads(get_secret_value_response["SecretString"]) so get_secret() returns a value if successful.

I have attached a policy to the secret in secrets manager.

{
  "Version" : "2012-10-17",
  "Statement" : [ {
    "Effect" : "Allow",
    "Principal" : {
      "AWS" : "arn:aws:iam::__owner_id__:role/aws-elasticbeanstalk-service-role"
    },
    "Action" : "secretsmanager:GetSecretValue",
    "Resource" : "*"
  } ]
}

and I have attached a policy to the role aws-elasticbeanstalk-service-role.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "secretsmanager:GetSecretValue",
            "Resource": "arn:aws:secretsmanager:eu-west-1:__owner_id__:secret:route/to/scret-123"
        }
    ]
}

aws-elasticbeanstalk-service-role is for the EB service itself. You should be using the role associated with your EB instance profile. The default role is aws-elasticbeanstalk-ec2-role, but you may have used a different role in your setup, so you have to double check that.
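
A way to confirm which role the application code actually runs as and whether the secret's resource policy names it, as an added example that is not part of the original question or answer. The account id, instance id and helper names are constructed placeholders; `current_caller_arn()` uses the real STS `get_caller_identity` call and is meant to be run on the EB instance.

```python
import json

# Constructed sample: the question's resource policy with a placeholder account id.
SECRET_POLICY = """{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {"AWS": "arn:aws:iam::123456789012:role/aws-elasticbeanstalk-service-role"},
    "Action": "secretsmanager:GetSecretValue",
    "Resource": "*"
  }]
}"""
# Constructed sample: what STS reports on an instance using the default EB instance profile.
EC2_CALLER = "arn:aws:sts::123456789012:assumed-role/aws-elasticbeanstalk-ec2-role/i-0123456789abcdef0"

def current_caller_arn():
    """Run on the EB instance: the identity boto3 is really using."""
    import boto3  # imported lazily so the offline checks below need no AWS SDK
    return boto3.client("sts").get_caller_identity()["Arn"]

def role_arn_from_caller(caller_arn):
    """Map arn:aws:sts::ACCT:assumed-role/NAME/SESSION to arn:aws:iam::ACCT:role/NAME."""
    prefix, sep, resource = caller_arn.partition(":assumed-role/")
    if not sep:
        return caller_arn  # already an IAM user or role ARN
    parts = prefix.split(":")  # ['arn', partition, 'sts', '', account]
    return f"arn:{parts[1]}:iam::{parts[4]}:role/{resource.split('/')[0]}"

def allowed_principals(policy_json, action="secretsmanager:GetSecretValue"):
    """AWS principals that an Allow statement in a resource policy grants `action` to."""
    found = set()
    statements = json.loads(policy_json)["Statement"]
    for stmt in [statements] if isinstance(statements, dict) else statements:
        actions = stmt.get("Action", [])
        actions = [actions] if isinstance(actions, str) else actions
        if stmt.get("Effect") != "Allow" or not {action, "secretsmanager:*", "*"} & set(actions):
            continue
        principal = stmt.get("Principal", {})
        aws = "*" if principal == "*" else principal.get("AWS", [])
        found.update([aws] if isinstance(aws, str) else aws)
    return found

def diagnose(caller_arn, secret_policy_json):
    """Return (role the code runs as, whether the secret's policy names that role)."""
    role = role_arn_from_caller(caller_arn)
    principals = allowed_principals(secret_policy_json)
    return role, (role in principals or "*" in principals)

if __name__ == "__main__":
    print(diagnose(EC2_CALLER, SECRET_POLICY))
```

On the instance, pass `current_caller_arn()` as the first argument; the identity policy from the question has to be attached to that same role as well.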
