-
Notifications
You must be signed in to change notification settings - Fork 4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(aws-ecs): token is added to Options instead of SecretOptions in SplunkLogDriver #15408
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM overall just one nit!
Pull request has been modified.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please also add validation to the SplunkLogDriver
constructor that verifies the user specified at least one of token
or secretToken
.
659ceaf
to
1b9adf4
Compare
1b9adf4
to
e2c7f85
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍
Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork). |
…plunkLogDriver (aws#15408) ---- This PR closes [aws#7264](aws#7264). The `token` field of the Splunk log driver populates the `Options` property of the Log Configuration which leads to the secret being resolved to its value on deploying, and then the token is viewable in plain text in the console and may be stored in plain text elsewhere. Thus, we are deprecating the `token` field of the Splunk log driver and are introducing a new `secretToken` field. `secretToken` can be used to provide the Splunk token as a Secrets Manager Secret or a Systems Manager Parameter and will be populated in the `SecretOptions` property of the Log Configuration. *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
…plunkLogDriver (aws#15408) ---- This PR closes [aws#7264](aws#7264). The `token` field of the Splunk log driver populates the `Options` property of the Log Configuration which leads to the secret being resolved to its value on deploying, and then the token is viewable in plain text in the console and may be stored in plain text elsewhere. Thus, we are deprecating the `token` field of the Splunk log driver and are introducing a new `secretToken` field. `secretToken` can be used to provide the Splunk token as a Secrets Manager Secret or a Systems Manager Parameter and will be populated in the `SecretOptions` property of the Log Configuration. *By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
This PR closes #7264.
The
token
field of the Splunk log driver populates theOptions
property of the Log Configuration which leads to the secret being resolved to its value on deploying, and then the token is viewable in plain text in the console and may be stored in plain text elsewhere. Thus, we are deprecating thetoken
field of the Splunk log driver and are introducing a newsecretToken
field.secretToken
can be used to provide the Splunk token as a Secrets Manager Secret or a Systems Manager Parameter and will be populated in theSecretOptions
property of the Log Configuration.By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license