If you're running a Fargate task and it's unable to read secrets from AWS Secrets Manager, there are a few things you can check:
- Verify that the Fargate task has the correct IAM permissions to access the secret. You must grant the task the secretsmanager:GetSecretValue permission for the specific secret that it needs to access. You can do this by adding the required permission to the task execution role, or by creating a separate IAM role and attaching it to the task.
- Check that the secret name and ARN are correct. You can verify this by checking the secret name and ARN in the AWS Secrets Manager console or by using the AWS CLI.
- Ensure that the secret is in the same region as the Fargate task. Secrets are regional resources and can only be accessed from within the same region.
- Check the VPC configuration of your Fargate task. If your task is running in a VPC with a private subnet, you may need to configure VPC endpoints for Secrets Manager to allow the task to access the service.
- Check the network configuration of your Fargate task. If your task is running in a private subnet and needs to access the internet to reach the Secrets Manager service, you may need to configure NAT gateways or proxies.
- Verify that the environment variables or container definitions in your task definition are set up correctly. Make sure that the secret is referenced using the correct syntax, such as ${secretsmanager:my-secret:secret-string:password}.
If none of these steps help to resolve the issue, you may need to enable additional logging and debugging to identify the root cause of the problem.
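The permission, region and reference checks from the list above can be run offline against a task definition and a role policy before touching the live task. The following Python is an added example, not code from the original page: the function names are hypothetical, it assumes the ECS container-definition `secrets` / `valueFrom` fields with full Secrets Manager ARNs, and the sample task definition, policy, account ID and ARNs are constructed placeholders.

```python
import fnmatch

# Constructed sample input (account ID, names and ARNs are placeholders).
SAMPLE_TASK_DEF = {"containerDefinitions": [{"name": "app", "secrets": [
    {"name": "DB_PASSWORD", "valueFrom": "arn:aws:secretsmanager:us-east-1:111122223333:secret:my-secret-AbCdEf:password::"},
    {"name": "API_KEY", "valueFrom": "arn:aws:secretsmanager:eu-west-1:111122223333:secret:api-key-GhIjKl"},
]}]}
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow", "Action": "secretsmanager:GetSecretValue",
    "Resource": "arn:aws:secretsmanager:us-east-1:111122223333:secret:my-secret-*"}]}

def _as_list(value):
    # IAM allows Statement, Action and Resource to be a single item or a list.
    return value if isinstance(value, list) else [value]

def allows_get_secret(policy, secret_arn):
    """True if an Allow statement grants secretsmanager:GetSecretValue on the ARN.
    Simplified: ignores Deny statements, Condition blocks and resource policies."""
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        # IAM action names are case-insensitive and may contain wildcards.
        actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
        action_ok = any(fnmatch.fnmatchcase("secretsmanager:getsecretvalue", a) for a in actions)
        resource_ok = any(fnmatch.fnmatchcase(secret_arn, r)
                          for r in _as_list(stmt.get("Resource", [])))
        if action_ok and resource_ok:
            return True
    return False

def check_task_secrets(task_def, task_region, policy):
    """Return (container, variable, problem) tuples for each secret reference."""
    findings = []
    for container in task_def.get("containerDefinitions", []):
        for secret in container.get("secrets", []):
            where = (container["name"], secret["name"])
            parts = secret["valueFrom"].split(":")
            if len(parts) < 7 or parts[0] != "arn" or parts[2] != "secretsmanager":
                findings.append(where + ("valueFrom is not a Secrets Manager ARN",))
                continue
            secret_arn = ":".join(parts[:7])  # drop optional :json-key:stage:version suffix
            if parts[3] != task_region:
                findings.append(where + (f"secret is in {parts[3]}, task runs in {task_region}",))
            if not allows_get_secret(policy, secret_arn):
                findings.append(where + ("role policy does not allow secretsmanager:GetSecretValue",))
    return findings

if __name__ == "__main__":
    for finding in check_task_secrets(SAMPLE_TASK_DEF, "us-east-1", SAMPLE_POLICY):
        print(": ".join(finding))
```

An empty result only means the static references and Allow statements line up; network reachability (VPC endpoints, NAT) still has to be checked separately.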