Skip to content
This repository was archived by the owner on May 20, 2025. It is now read-only.

Commit 93916ec

Browse files
tjholmtjholm
committed
update import docs for secret imports in awstf
1 parent ed98a97 commit 93916ec

File tree

1 file changed

+46
-2
lines changed

1 file changed

+46
-2
lines changed

docs/providers/terraform/aws.mdx

Lines changed: 46 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -79,6 +79,44 @@ In this example the project name is `api-testing` and the stack name is `aws`.
7979

8080
![resource group list image](/docs/images/docs/aws-rg-screen.png)
8181

82+
83+
## Importing Existing Resources
84+
85+
The Nitric team is working to expand the list of resources that can be imported. Currently, only the following resources are supported:
86+
87+
- [Secrets](/secrets)
88+
89+
<Note>
90+
Currently, only resources in the same AWS account and region as the Nitric project
91+
are supported.
92+
</Note>
93+
94+
### Secrets
95+
96+
To import a secret, you will need to know the secret's ARN. You can find the ARN of a secret in the AWS console or by using the AWS CLI.
97+
98+
First, add the secret to your project as you usually would if it wasn't imported. Then add the secret to the `import` section of your stack file. Here's an example of how to import a secret:
99+
100+
```javascript
101+
import { secret } from "@nitric/sdk
102+
103+
const mySecret = secret("credentials").allow("access");
104+
```
105+
106+
```yaml
107+
import:
108+
secrets:
109+
credentials: arn:aws:secretsmanager:us-east-1:123456789012:secret:my-secret
110+
```
111+
112+
<Note>
113+
Unlike some other imported resources, secret imports require the ARN to be used.
114+
Providing only the secret's name will be invalid.
115+
</Note>
116+
117+
Need to import another resource type or have another question? Chat with us on [Discord](https://nitric.io/chat) or [open an issue](https://github.com/nitrictech/nitric/issues) on GitHub.
118+
119+
82120
## Stack Configuration
83121

84122
```yaml title:nitric.[stack ID].yaml
@@ -95,8 +133,14 @@ region: my-aws-stack-region
95133
# Optional outdir
96134
# outdir: ./tf-output
97135
98-
# config:
99-
# Config (same as base AWS provider except for VPC/Secret imports)
136+
# Import existing AWS Resources
137+
# Currently only secrets are supported
138+
import:
139+
# A name ARN map of secrets, where the name matches the nitric name of the secret you would like to import
140+
secrets:
141+
# In typescript this would import the provided secret reference for a secret declared as
142+
# const mySecret = secret('my-secret');
143+
my-secret: arn:aws:secretsmanager:us-east-1:123456789012:secret:my-secret
100144
101145
# The timezone that deployed schedules will run with
102146
# Format is in tz identifiers:

0 commit comments

Comments
 (0)