How to use AWS secret manager with Amplify

Question

I have AWS Amplify Apps and currently the passwords are stored in Amplify environment variables. I am trying to use AWS secret manager to store my secrets and use it in my Amplify project

I checked AWS documentation (https://docs.aws.amazon.com/amplify/latest/userguide/environment-variables.html) they mention to enter parameter in this format(For Name, enter a parameter in the format /amplify/{your_app_id}/{your_backend_environment_name}/{your_parameter_name} ) I am not sure what is app_id, what is your_backend_environment_name and how can I use it in my Amplify project.

Answer 1

Perhaps you've already found the solution, but perhaps someone would search for the same.

You need to name your secret parameter as the docs suggest:

/amplify/{your_app_id}/{your_backend_environment_name}/{your_parameter_name} 

To find the {your_app_id} and {your_backend_environment_name}, you want to go to the Amplify console in AWS. Click on your application, and notice the list of environments the application deployed to. In my example, I want to set the secret for Dev.

Click on the "Action" drop-down button on the top right corner, chose "View app settings". On the right hand you'll notice the "App ARN" in the next format:

arn:aws:amplify:eu-west-1:ACCOUNT_ID:apps/sdkjhf9shdfweh

"sdkjhf9shdfweh" part is your APP ID.

If I want to set a secret name MY_SECRET I'd need to go to the parameter store and create a secret string parameter with the following name:

/amplify/sdkjhf9shdfweh/dev/MY_SECRET

Then I'll be able to access it from the build pipeline.