none of options are easy to use for a secret or a simple configuration file. If ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		captn3m0 on Oct 22, 2020 \| parent \| context \| favorite \| on: A Kubernetes operator to sync secrets from AWS Sec... none of options are easy to use for a secret or a simple configuration file. If I have a configuration file, I can easily mount it with --volume option with docker run. But to get the same on ECS - requires a much more complex setup than what is needed for k8s. Why do I need EFS/EBS volumes? Why doesn't this work well with Secret Manager or Parameter Store? Yes, k8s is a complex beast - but ECS isn't as clean as it looks.

nuker on Oct 22, 2020 [–]

> Why doesn't this work well with Secret Manager or Parameter Store?

Make a Parameter that reads from Secret Manager or Parameter Store in the Cloudformation template of your ECS Service, and pass the value to TaskDefinition as an environment variable. No need for volumes at all.

Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact