Posted On: Feb 24, 2020
Amazon Elastic Container Service now supports reading AWS Secrets Manager secrets with a specific version or from a key within a JSON object for tasks using the EC2 launch type. This gives you more granular control to reference sensitive information such as database credentials, tokens, or configuration variables for your applications on Amazon ECS. Previously, you could only load the latest version of a secret and could not read secrets from JSON objects directly. Now, you can now load a secret by specifying a particular version instead of the latest version by default. Additionally, you can now load a secret from a specific key within a JSON object.
To reference a specific version of a secret in an ECS task, append the secret’s resource ARN with the desired unique version. To reference from a JSON key, append the secret’s resource ARN with the desired key followed by a version if a specific one is desired.
To see an example of this, visit our product documentation on specifying sensitive data with ECS.