0

I'm trying to create the APP_KEY via AWS CDK but I don't think there is a relevant Construct to do this.

I tried this:

        APP_KEY: ECSSecret.fromSecretsManager(
            new Secret(appRepoStack, 'APP_KEY', {
                generateSecretString: {
                    secretStringTemplate: JSON.stringify({}),
                    excludePunctuation: true,
                    includeSpace: false,
                    passwordLength: 32,
                    generateStringKey: 'APP_KEY',
                },
            })
        ),

But it ends up look like: tBvUtRxsDVjvAHf9AB1OmMsS but needs to look like: base64:AHia+ZdPQAZH91dERYGJqgFAWJfRDWe40KIEaFPjNrI=.

Note these are just test creds and are not used anywhere.

Improve this question
5
  • CloudFormation will generate a random string. You then need to go to SecretsManager via the console and populate it with your secret. docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/… Commented Sep 9 at 15:35
  • 1
    Laravel generates a 32 character key which it then base64 encodes and prefixes with base64: however it should still work with a 32 character random string but that would be less secure than what Laravel typically generates Commented Sep 9 at 15:44
  • @apokryfos interesting - why would it be less secure? Commented Sep 9 at 19:10
  • 1
    @gshpychka this string appears to be alphanumeric while laravel generates 32 random bytes, so there's more possible values per character (which I think is why it needs to base64 encode it otherwise it might break the .env file) Commented Sep 9 at 20:57
  • CloudFormation can include special characters too. Commented Sep 10 at 13:07
Related questions
1
Purpose of "prepare" method of AWS CDK constructs?
1
CDK constructs: passing values to constructors vs using the context values
49
AWS CDK: How to create an IAM role that can be assumed by multiple principals?
Load 7 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.