How to reuse existing resources with cloudformation yaml?

Question

I want to make a secret in secretsmanager by using cloudformation. Since I want to add the secret value manually and keep the value everytime I run the cloudformation, I specified "Retain" policy as follows.

```
SecretsManagerMyApiKey:
    Type: AWS::SecretsManager::Secret
    DeletionPolicy: Retain
    Properties:
      Name: my-api-key
```

However, if I delete the stack once and run the cloudformation again, I get the following error.

```
The operation failed because the secret my-api-key already exists.
```

How can I avoid this behavior and reuse the existing secret key?

I know that I can reuse existing resources as follows with CDK python. What I need is a way to do like this with yaml. Please let me know.

```
sg = ec2.SecurityGroup.from_security_group_id(
            self,"SG",
            security_group_id=sgid,
            mutable=False
        );
```

Answer

Hi, @nemy.

How would you like to use existing secrets?

If you want to refer to another resource, use the resource's ARN or ID.   
When referencing resources in CloudFormation, parameters are simply obtained and used according to the specification of each resource.  
For example, AWS::SecretsManager::Secret will get the ARN by "Ref".

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-secretsmanager-secret.html#aws-resource-secretsmanager-secret-return-values

By using a custom function, I think that it is possible to create something that obtains an ARN string from a resource name that is not managed by the stack.

If you want to manage it as a CloudFormation stack, consider incorporating existing resources into the CloudFormation stack by referring to the following.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/resource-import.html

How to reuse existing resources with cloudformation yaml?

相關內容