get secret from secrets manager returns none | elastic beanstalk | flask

Time:06-11

Problem: get_secret() returns None.

Landscape:

AWS provides a template function which works fine locally when I try it out in the terminal.

What I have done:

I added return json.loads(get_secret_value_response["SecretString"]) so get_secret() returns a value if successful.

I have attached a policy to the secret in Secrets Manager.

{
  "Version" : "2012-10-17",
  "Statement" : [ {
    "Effect" : "Allow",
    "Principal" : {
      "AWS" : "arn:aws:iam::__owner_id__:role/aws-elasticbeanstalk-service-role"
    },
    "Action" : "secretsmanager:GetSecretValue",
    "Resource" : "*"
  } ]
}

and I have attached a policy to the role aws-elasticbeanstalk-service-role.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "secretsmanager:GetSecretValue",
            "Resource": "arn:aws:secretsmanager:eu-west-1:__owner_id__:secret:route/to/scret-123"
        }
    ]
}

CodePudding user response:

aws-elasticbeanstalk-service-role is for the EB service itself. You should be using the role associated with your EB instance profile. The default role is aws-elasticbeanstalk-ec2-role, but you may have used a different role in your setup, so you have to double-check that.
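
One way to confirm the mismatch described in the answer, as an added example (not code from the question or from AWS): compare the identity the application actually runs as with the roles named in the secret's resource policy. The function names, the account id 111122223333 and the instance id are constructed placeholders; `current_caller_arn()` needs boto3 and is meant to be run on the EB instance.

```python
import json
import re

# ARN that STS reports for role credentials (the role path is not included):
# arn:aws:sts::<account>:assumed-role/<role-name>/<session-name>
ASSUMED_ROLE = re.compile(r"^arn:[^:]+:sts::(\d{12}):assumed-role/([^/]+)/[^/]+$")
IAM_ROLE = re.compile(r"^arn:[^:]+:iam::(\d{12}):role/(?:.+/)?([^/]+)$")

def as_list(value):
    return value if isinstance(value, list) else [value]

def allowed_roles(resource_policy, action="secretsmanager:GetSecretValue"):
    """Return {(account, role_name)} that the secret's policy allows for action."""
    roles = set()
    for stmt in as_list(json.loads(resource_policy)["Statement"]):
        if stmt.get("Effect") != "Allow" or action not in as_list(stmt.get("Action", [])):
            continue  # exact action match only; wildcards are not expanded
        principal = stmt.get("Principal", {})
        if not isinstance(principal, dict):
            continue  # e.g. "*", which names no specific role
        for arn in as_list(principal.get("AWS", [])):
            m = IAM_ROLE.match(arn)
            if m:
                roles.add(m.groups())
    return roles

def caller_matches_policy(caller_arn, resource_policy):
    """True if the running identity is one of the roles named in the policy."""
    m = ASSUMED_ROLE.match(caller_arn)
    return bool(m) and m.groups() in allowed_roles(resource_policy)

def current_caller_arn():
    """ARN of the credentials this process actually uses (run on the EB instance)."""
    import boto3  # imported lazily so the checks above work without AWS access
    return boto3.client("sts").get_caller_identity()["Arn"]

# Constructed sample: the question's resource policy with a placeholder account id.
SAMPLE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::111122223333:role/aws-elasticbeanstalk-service-role"},
        "Action": "secretsmanager:GetSecretValue",
        "Resource": "*",
    }],
})
# Constructed sample: what STS would report on an instance using the default profile.
SAMPLE_CALLER = "arn:aws:sts::111122223333:assumed-role/aws-elasticbeanstalk-ec2-role/i-0123456789abcdef0"
```

This checks only the secret's resource policy; an identity-based policy attached to the instance role can grant the same access within one account, so the identity policy must also be on the role that `current_caller_arn()` reports.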
