Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

(@aws-cdk/core): Error: secret id "${Token[Fn::Join.84]}" is not an ARN but contains ":" #16166

Closed
bravogolfgolf opened this issue Aug 22, 2021 · 1 comment · Fixed by #16230
Closed

(@aws-cdk/core): Error: secret id "${Token[Fn::Join.84]}" is not an ARN but contains ":" #16166

bravogolfgolf opened this issue Aug 22, 2021 · 1 comment · Fixed by #16230
Labels
@aws-cdk/core Related to core CDK functionality bug This issue is a bug. effort/medium Medium work item – several days of effort p1

Comments

@bravogolfgolf
Copy link

bravogolfgolf commented Aug 22, 2021
edited
Loading

Reproduction Steps

const secret = new secretsmanager.Secret(this, 'secret', {
  secretName: 'secretName',
  generateSecretString: {
    secretStringTemplate: JSON.stringify({username: 'username'}),
    generateStringKey: 'password',
  },
});
const secretValue = cdk.SecretValue.secretsManager(secret.secretName, {
  jsonField: 'username'
}).toString();
new ssm.StringParameter(this, 'string-parameter', {stringValue: secretValue});

What did you expect to happen?

I would expect name to not cause error.

What actually happened?

Name without ":" errors:
.../node_modules/@aws-cdk/core/lib/secret-value.ts:19
throw new Error('secret id "${secretId}" is not an ARN but contains ":"');

Environment

  • CDK CLI Version : 1.118.0
  • Framework Version: 1.119.0
  • Node.js Version: v14.16.0
  • OS: macOS Big Sur 11.5.2 (20G95)
  • Language (Version): TypeScript (3.9.7)

Other

I tried using PhysicalName.GENERATE_IF_NEEDED and got this error:
.../node_modules/@aws-cdk/core/lib/private/physical-name-generator.ts:91
throw new Error('Invalid physical name passed to CloudFormation. Use "this.physicalName" instead');
Issue: #16167

This is 🐛 Bug Report
@bravogolfgolf bravogolfgolf added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Aug 22, 2021
@github-actions github-actions bot added the @aws-cdk/core Related to core CDK functionality label Aug 22, 2021
@bravogolfgolf bravogolfgolf mentioned this issue Aug 22, 2021
Closed
@rix0rrr rix0rrr added effort/medium Medium work item – several days of effort p1 and removed needs-triage This issue or PR still needs to be triaged. labels Aug 24, 2021
@rix0rrr rix0rrr removed their assignment Aug 24, 2021
@jumic jumic mentioned this issue Aug 25, 2021
Merged
@mergify mergify bot closed this as completed in #16230 Oct 27, 2021
mergify bot pushed a commit that referenced this issue Oct 27, 2021
@jumic
fix(core): SecretValue.secretsManager fails for tokenized secret-id (#…
5831456 
…16230)

`SecretValue.secretsManager` fails if a token is used for `secret-id`. This is caused by a validation which should be skipped for tokenized values.

Solved by skipping the validation if token is unresolved.

Fixes #16166.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
@github-actions
Copy link

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

TikiTDO pushed a commit to TikiTDO/aws-cdk that referenced this issue Feb 21, 2022
@jumic @TikiTDO
fix(core): SecretValue.secretsManager fails for tokenized secret-id (a…
02c8dfe 
…ws#16230)

`SecretValue.secretsManager` fails if a token is used for `secret-id`. This is caused by a validation which should be skipped for tokenized values.

Solved by skipping the validation if token is unresolved.

Fixes aws#16166.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
@aws-cdk/core Related to core CDK functionality bug This issue is a bug. effort/medium Medium work item – several days of effort p1
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(core): SecretValue.secretsManager fails for tokenized secret-id jumic/aws-cdk
2 participants
@rix0rrr @bravogolfgolf