- Newest
- Most votes
- Most comments
You can use in below the method as mention in Environment Variables in AWS AppRunner: AWS AppRunner allows you to set environment variables that are not stored in your codebase. You can set your secret as an environment variable in the AWS AppRunner configuration. This way, your secret is not exposed in your GitHub repository.
AWS Secrets Manager: Utilize AWS Secrets Manager to store your sensitive data. Secrets Manager allows you to programmatically retrieve secrets in your build process without hardcoding them in your source code or configuration files. You can set up IAM roles and permissions to allow your AWS AppRunner instance to access these secrets. Please find the below sample code
-
name: Retrieve secret from AWS Secrets Manager run: | SECRET=$(aws secretsmanager get-secret-value --secret-id MySecretName --query SecretString --output text) echo "SECRET=$SECRET" >> $GITHUB_ENV
-
name: Build and Deploy run: |
Use the secret in your build process
export MY_SECRET_KEY=$(echo $SECRET | jq -r .MY_SECRET_KEY)
-
There is no way to do this currently - it's a nearly 3-year old request to the AWS App Runner team on Github that has been in a "we are working on it" phase since November of 2022.
Relevant content
- Accepted Answerasked a year ago
- asked 3 months ago
AWS OFFICIALUpdated 6 months ago- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 2 years ago
Sorry but I can't understand your reply. Probably you're referring to Cloud Formation but please take your time to review my question and my configuration yaml file.