feat(cdk): allow setting secret values

shellscape · Jun 9, 2024 · 8c23bae · 8c23bae
1 parent ac1be12
commit 8c23bae
Showing 1 changed file with 14 additions and 2 deletions.
diff --git a/packages/cdk/src/methods/secret.ts b/packages/cdk/src/methods/secret.ts
@@ -1,14 +1,19 @@
 import { SecretsManagerClient, ListSecretsCommand } from '@aws-sdk/client-secrets-manager';
 import { IGrantable } from 'aws-cdk-lib/aws-iam';
 import { Secret } from 'aws-cdk-lib/aws-secretsmanager';
+import { SecretValue } from 'aws-cdk-lib';
 
 import { DotStack } from '../constructs/Stack';
 
 interface AddSecretOptions {
   consumers?: IGrantable[];
+  /** WARNING: It's advised not to use this unless the use case specifically calls for creating the secret value programattically */
+  jsonValue?: Record<string, SecretValue>;
   name: string;
   scope: DotStack;
   secretName: string;
+  /** WARNING: It's advised not to use this unless the use case specifically calls for creating the secret value programattically */
+  value?: SecretValue;
 }
 
 interface GrantRemoteOptions {
@@ -19,10 +24,17 @@ interface GrantRemoteOptions {
 
 type SecretArn = string;
 
-export const addSecret = ({ consumers = [], name, scope, secretName }: AddSecretOptions) => {
+export const addSecret = (options: AddSecretOptions) => {
+  const { consumers = [], jsonValue, name, scope, secretName, value } = options;
   const baseName = DotStack.baseName(name, 'secret');
   const logicalName = `${scope.appName}-${baseName}`;
-  const secret = new Secret(scope, logicalName, { secretName });
+  const secretObjectValue = jsonValue;
+  const secretStringValue = value;
+  const secret = new Secret(scope, logicalName, {
+    secretName,
+    secretObjectValue,
+    secretStringValue
+  });
 
   scope.overrideId(secret, logicalName);
   consumers.forEach((resource) => secret.grantRead(resource));