Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to access environment secrets from amplify.yml file. #2466

Closed
ernestostifano opened this issue Dec 20, 2021 · 4 comments
Closed

How to access environment secrets from amplify.yml file. #2466

ernestostifano opened this issue Dec 20, 2021 · 4 comments
Assignees
@ferdingler
Labels
archived This issue has been locked. question Further information is requested

Comments

@ernestostifano
Copy link

Please describe which feature you have a question about?
Documentation explains how to access environment variables from amplify.yml file using bash syntax $MY_ENV_VARIABLE, but it does not explain how to access environment secrets from the same file. It only has instructions on how to access them using process.env.secrets.

Provide additional details
N/A

What AWS Services are you utilizing?
N/A

Provide additional details e.g. code snippets
N/A
@ernestostifano ernestostifano added the question Further information is requested label Dec 20, 2021
@ferdingler
Copy link
Contributor

Secrets are placed in an environment variable named $secrets (lowercase). It is a stringified JSON object so accessing it via bash script may be a little complicated to manipulate. Unless you use jq or a similar tool, I recommend writing a JS script that reads them like so:

const secrets = JSON.parse(process.env.secrets);
const foo = secrets["foo"];

https://docs.aws.amazon.com/amplify/latest/userguide/environment-variables.html#environment-secrets

@ferdingler ferdingler self-assigned this Mar 2, 2022
@renchris
Copy link

renchris commented Aug 8, 2022

My process.env.secrets return undefined. Any more clarification on how to access the env secrets-manager variables specified in the amplify.yml file?

@raphaelfavier
Copy link

@ferdingler
Reading the documentation, it's really not clear to me how to make it all happen in the yaml file.

The documentation recommends to name the SSM variable as "/amplify/{your_app_id}/{your_backend_environment_name}/{your_parameter_name}". Is that mandatory?

I think I found that my app_id is the last part of the app arn (d******) but what is my "backend_environment_name" here?

For now I went with "develop" as it's the name of my branch.

Therefore, I create 2 ssm parameters that store my ssh keys:
/amplify/d3swn9gxhv0r3p/develop/amplify_key
and
/amplify/d3swn9gxhv0r3p/develop/amplify_key.pub

Now I am trying to configure amplify.yml and read these secrets:
echo "$secrets" returns an empty string.

What am I doing wrong? I'm pretty lost.
Any chance you could point us to a full example?

@github-actions
Copy link

This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot added the archived This issue has been locked. label Oct 28, 2022
@github-actions github-actions bot locked and limited conversation to collaborators Oct 28, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@ferdingler ferdingler

Labels
archived This issue has been locked. question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@raphaelfavier @ferdingler @ernestostifano @renchris