forked from aws/aws-cdk
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix(core): remove cdk.Secret (aws#2068)
`cdk.Secret` was left over from when we thought we were going to do secrets differently. Today, we model secret values as strings, which can be retrieved from one of these: - `ssm.ParameterStoreSecureString.stringValue` - `secretsmanager.SecretString.stringValue` - `cdk.CfnParameter.stringValue` (but don't do that, because the secret will be readable from CloudFormation logs) Fixes aws#2064. BREAKING CHANGE: Replace use of `cdk.Secret` with `secretsmanager.SecretString` (preferred) or `ssm.ParameterStoreSecureString`.
- Loading branch information
Showing
21 changed files
with
87 additions
and
164 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -2,4 +2,4 @@ | |
|
||
```ts | ||
const alexaAsk = require('@aws-cdk/alexa-ask'); | ||
``` | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
2 changes: 1 addition & 1 deletion
2
...ws-certificatemanager/lambda-packages/dns_validated_certificate_handler/package-lock.json
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,94 +1,47 @@ | ||
import { CfnParameter } from './cfn-parameter'; | ||
import { Construct } from './construct'; | ||
import { Token } from './token'; | ||
import { Token } from "./token"; | ||
import { unresolved } from "./unresolved"; | ||
|
||
/** | ||
* A token that represents a value that's expected to be a secret, like | ||
* passwords and keys. | ||
* Work with secret values in the CDK | ||
* | ||
* It is recommended to use the `SecretParameter` construct in order to import | ||
* secret values from the SSM Parameter Store instead of storing them in your | ||
* code. | ||
* Secret values in the CDK (such as those retrieved from SecretsManager) are | ||
* represented as regular strings, just like other values that are only | ||
* available at deployment time. | ||
* | ||
* However, you can also just pass in values, like any other token: `new Secret('bla')` | ||
* To help you avoid accidental mistakes which would lead to you putting your | ||
* secret values directly into a CloudFormation template, constructs that take | ||
* secret values will not allow you to pass in a literal secret value. They do | ||
* so by calling `Secret.assertSafeSecret()`. | ||
* | ||
* You can escape the check by calling `Secret.plainTex()`, but doing | ||
* so is highly discouraged. | ||
*/ | ||
export class Secret extends Token { } | ||
|
||
export interface SecretParameterProps { | ||
/** | ||
* The name of the SSM parameter where the secret value is stored. | ||
*/ | ||
readonly ssmParameter: string; | ||
|
||
/** | ||
* A string of up to 4000 characters that describes the parameter. | ||
* @default No description | ||
*/ | ||
readonly description?: string; | ||
|
||
/** | ||
* A regular expression that represents the patterns to allow for String types. | ||
*/ | ||
readonly allowedPattern?: string; | ||
|
||
/** | ||
* An array containing the list of values allowed for the parameter. | ||
*/ | ||
readonly allowedValues?: string[]; | ||
|
||
export class Secret { | ||
/** | ||
* A string that explains a constraint when the constraint is violated. | ||
* For example, without a constraint description, a parameter that has an allowed | ||
* pattern of [A-Za-z0-9]+ displays the following error message when the user specifies | ||
* an invalid value: | ||
* Validate that a given secret value is not a literal | ||
* | ||
* If the value is a literal, throw an error. | ||
*/ | ||
readonly constraintDescription?: string; | ||
public static assertSafeSecret(secretValue: string, parameterName?: string) { | ||
if (!unresolved(secretValue)) { | ||
const theParameter = parameterName ? `'${parameterName}'` : 'The value'; | ||
|
||
/** | ||
* An integer value that determines the largest number of characters you want to allow for String types. | ||
*/ | ||
readonly maxLength?: number; | ||
// tslint:disable-next-line:max-line-length | ||
throw new Error(`${theParameter} should be a secret. Store it in SecretsManager or Systems Manager Parameter Store and retrieve it from there. Secret.plainTex() can be used to bypass this check, but do so for testing purposes only.`); | ||
} | ||
} | ||
|
||
/** | ||
* An integer value that determines the smallest number of characters you want to allow for String types. | ||
* Construct a literal secret value for use with secret-aware constructs | ||
* | ||
* *Do not use this method for any secrets that you care about.* | ||
* | ||
* The only reasonable use case for using this method is when you are testing. | ||
*/ | ||
readonly minLength?: number; | ||
} | ||
|
||
/** | ||
* Defines a secret value resolved from the Systems Manager (SSM) Parameter | ||
* Store during deployment. This is useful for referencing values that you do | ||
* not wish to include in your code base, such as secrets, passwords and keys. | ||
* | ||
* This construct will add a CloudFormation parameter to your template bound to | ||
* an SSM parameter (of type "AWS::SSM::Parameter::Value<String>"). Deployment | ||
* will fail if the value doesn't exist in the target environment. | ||
* | ||
* Important: For values other than secrets, prefer to use the | ||
* `SSMParameterProvider` which resolves SSM parameter in design-time, and | ||
* ensures that stack deployments are deterministic. | ||
*/ | ||
export class SecretParameter extends Construct { | ||
/** | ||
* The value of the secret parameter. | ||
*/ | ||
public value: Secret; | ||
|
||
constructor(scope: Construct, id: string, props: SecretParameterProps) { | ||
super(scope, id); | ||
|
||
const param = new CfnParameter(this, 'Parameter', { | ||
type: 'AWS::SSM::Parameter::Value<String>', | ||
default: props.ssmParameter, | ||
description: props.description, | ||
allowedPattern: props.allowedPattern, | ||
allowedValues: props.allowedValues, | ||
constraintDescription: props.constraintDescription, | ||
maxLength: props.maxLength, | ||
minLength: props.minLength, | ||
noEcho: true, | ||
}); | ||
public static plainText(secret: string): string { | ||
return new Token(() => secret).toString(); | ||
} | ||
|
||
this.value = new Secret(param.ref); | ||
private constructor() { | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.