Packer Tutorials: Amazon Secrets Manager Data Source – amazon-secretsmanager

The Amazon plugin is able to fetch data from AWS. To achieve this, the plugin comes with data sources to retrieve AMI and secrets information. Packer supports the following data sources at the moment:

  • amazon-ami – Filter and fetch an Amazon AMI to output all the AMI information.
  • amazon-secretsmanager – Retrieve information about a Secrets Manager secret version, including its secret value.
  • amazon-parameterstore – Retrieve information about a parameter in SSM.

The Secrets Manager data source provides information about a Secrets Manager secret version, including its secret value. Data sources are available only in HCL2 templates.


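# Look up one key of a secret at a given version stage
data "amazon-secretsmanager" "basic-example" {
  name          = "packer_test_secret"
  key           = "packer_test_key"
  version_stage = "example"
}

# Usage example of the data source output
locals {
  # Value stored under `key` in the secret
  value         = data.amazon-secretsmanager.basic-example.value
  # The whole decrypted secret string
  secret_string = data.amazon-secretsmanager.basic-example.secret_string
  # Identifier of the secret version that was read
  version_id    = data.amazon-secretsmanager.basic-example.version_id
  # Decode the JSON secret string and pick one key from it
  secret_value  = jsondecode(data.amazon-secretsmanager.basic-example.secret_string)["packer_test_key"]
}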

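# Separate example: the same secret read through an assumed IAM role.
# Replace the upper-case placeholders with your own values.
data "amazon-secretsmanager" "basic-example" {
  name = "packer_test_secret"
  key  = "packer_test_key"

  assume_role {
    role_arn     = "arn:aws:iam::ACCOUNT_ID:role/ROLE_NAME"
    session_name = "SESSION_NAME"
    external_id  = "EXTERNAL_ID"
  }
}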
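
The locals above hold the secret as an ordinary value. As an added example (not part of the original tutorial), the template below reads the same secret into a single `local` block marked `sensitive = true` and passes it to a provisioner through the environment; the `null` source, the `shell-local` provisioner, the variable name `PACKER_TEST_SECRET` and the plugin version constraint are assumptions made for illustration.

```hcl
# Added example: secret name and key reuse the tutorial's values; everything
# else (null source, provisioner, env var name, version constraint) is assumed.
packer {
  required_plugins {
    amazon = {
      version = ">= 1.0.0" # assumed constraint, pin to the version you test with
      source  = "github.com/hashicorp/amazon"
    }
  }
}

data "amazon-secretsmanager" "basic-example" {
  name = "packer_test_secret"
  key  = "packer_test_key"
  # version_stage is omitted, so the plugin reads the AWSCURRENT stage.
}

# A single `local` block (not `locals`) accepts `sensitive = true`, which makes
# Packer redact the value wherever it would appear in Packer's own output.
local "secret_value" {
  expression = data.amazon-secretsmanager.basic-example.value
  sensitive  = true
}

# The null source builds nothing; it only lets the provisioner below run.
source "null" "example" {
  communicator = "none"
}

build {
  sources = ["source.null.example"]

  provisioner "shell-local" {
    # Pass the secret through the environment instead of interpolating it
    # into the command text, and never echo the value itself.
    environment_vars = ["PACKER_TEST_SECRET=${local.secret_value}"]
    inline = [
      "test -n \"$PACKER_TEST_SECRET\" && echo 'secret received'",
    ]
  }
}
```

Redaction covers only what Packer prints; anything a provisioner writes to disk on a real builder ends up in the resulting image.
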
Rajesh Kumar