Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[secretsmanager] Synth fails without secret name suffix #10604

Closed
cmckni3 opened this issue Sep 30, 2020 · 0 comments · Fixed by #10609
Closed

[secretsmanager] Synth fails without secret name suffix #10604

cmckni3 opened this issue Sep 30, 2020 · 0 comments · Fixed by #10609
Assignees
@njlynch
Labels
@aws-cdk/aws-secretsmanager Related to AWS Secrets Manager bug This issue is a bug. needs-triage This issue or PR still needs to be triaged.

Comments

@cmckni3
Copy link
Contributor

cmckni3 commented Sep 30, 2020
edited
Loading

Synth fails stating the secret arn is invalid.

Reproduction Steps

Secret.fromSecretAttributes(this, 'DomainSecret', {
  secretArn: `arn:${Aws.PARTITION}:secretsmanager:${Aws.REGION}:${Aws.ACCOUNT_ID}:secret:MySecret`,
});

What did you expect to happen?

I expect the stack to be able to synthesize and deploy.

What actually happened?

Stack synthesize should succeed without secret name suffix (use latest version of secret).

Environment

  • CLI Version : 1.64.1
  • Framework Version: 1.64.1
  • Node.js Version: 12.18.3
  • OS : macOS
  • Language (Version): TypeScript

This is 🐛 Bug Report
@cmckni3 cmckni3 added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Sep 30, 2020
@github-actions github-actions bot added the @aws-cdk/aws-secretsmanager Related to AWS Secrets Manager label Sep 30, 2020
@cmckni3 cmckni3 changed the title [secretsmanager] Secret name suffix required [secretsmanager] Synth fails without secret name suffix Sep 30, 2020
njlynch added a commit that referenced this issue Sep 30, 2020
@njlynch
fix(secretsmanager): cannot import secrets by ARN without suffix
5ddae7b 
An overly-strict validation on secret ARNs prevented valid use cases where a
customer provides a secret ARN without the SecretsManager-suffix.

fixes #10604
@njlynch njlynch mentioned this issue Sep 30, 2020
Merged
@mergify mergify bot closed this as completed in #10609 Sep 30, 2020
mergify bot pushed a commit that referenced this issue Sep 30, 2020
@njlynch
fix(secretsmanager): cannot import secrets by ARN without suffix (#10609
3a1d38e 
)

An overly-strict validation on secret ARNs prevented valid use cases where a
customer provides a secret ARN without the SecretsManager-suffix.

fixes #10604


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@njlynch njlynch

Labels
@aws-cdk/aws-secretsmanager Related to AWS Secrets Manager bug This issue is a bug. needs-triage This issue or PR still needs to be triaged.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(secretsmanager): cannot import secrets by ARN without suffix aws/aws-cdk
2 participants
@cmckni3 @njlynch