Not able to fetch secret from aws secret manager (cross-accounts) #132

@xval2307

Hello maintainers,

I am trying to deploy helm secrets + vals on ArgoCD to fetch secrets from AWS Secrets Manager in another account.

    helm:
      fileParameters:
        - name: data.exemple.Key1
          path: secrets+literal://ref+awssecrets://arn:aws:secretsmanager:eu-west-3:ACCOUNT_ID:secret:/SECRET_NAME#/SECRET_KEY_1
        - name: data.exemple.Key2
          path: secrets+literal://ref+awssecrets://arn:aws:secretsmanager:eu-west-3:ACCOUNT_ID:secret:/SECRET_NAME#/SECRET_KEY_2

The ARN of my secret in the AWS Console is:

    arn:aws:secretsmanager:eu-west-3:ACCOUNT_ID:secret:SECRET_NAME

I don't have a “/” in my secret name.

And if I remove the “/” in the secret path in the helm parameter:

    helm:
      fileParameters:
        - name: data.exemple.Key1
          path: secrets+literal://ref+awssecrets://arn:aws:secretsmanager:eu-west-3:ACCOUNT_ID:secret:SECRET_NAME#/SECRET_KEY_1
        - name: data.exemple.Key2
          path: secrets+literal://ref+awssecrets://arn:aws:secretsmanager:eu-west-3:ACCOUNT_ID:secret:SECRET_NAME#/SECRET_KEY_2

I have the following error message in ArgoCD:

    [helm-secrets] vals error: expand awssecrets://arn:aws:secretsmanager:eu-west-3:ACCOUNT_ID:secret:SECRET_NAME?region=eu-west-3: parse "awssecrets://arn:aws:secretsmanager:eu-west-3:ACCOUNT_ID:secret:SECRET_NAME?region=eu-west-3": invalid port ":SECRET_NAME" after host
    Error: failed parsing --set-file data: plugin "scripts/run.sh downloader" exited with error

Could you please confirm whether this is really the case or whether it's a misconfiguration on my side?
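
Added example, not part of the original report and not code from helm-secrets or vals: the quoted error has the shape Go's `net/url` produces when the text after the last `:` in a URL authority is not numeric. The sketch models that split for both forms of the reference and prints what `net/url` itself reports; `Split`, `splitRef` and `stdlibErr` are hypothetical names, and the inputs are constructed from the report's placeholders.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// Split models the "scheme://authority/rest" rule behind the quoted error:
// the authority ends at the first '/', '?' or '#', and whatever follows its
// last ':' is read as a port, which must be empty or all digits.
type Split struct {
	Host, Port, Rest string
	PortOK           bool
}

func splitRef(ref string) Split {
	_, rest, _ := strings.Cut(ref, "://")
	authority, tail := rest, ""
	if i := strings.IndexAny(rest, "/?#"); i != -1 {
		authority, tail = rest[:i], rest[i:]
	}
	s := Split{Host: authority, Rest: tail, PortOK: true}
	if i := strings.LastIndex(authority, ":"); i != -1 {
		s.Host, s.Port = authority[:i], authority[i+1:]
		s.PortOK = strings.Trim(s.Port, "0123456789") == ""
	}
	return s
}

// stdlibErr returns whatever net/url reports for the same string on the
// installed Go version (nil if it parses).
func stdlibErr(ref string) error {
	_, err := url.Parse(ref)
	return err
}

func main() {
	// Constructed inputs using the placeholders from the report above.
	const arn = "arn:aws:secretsmanager:eu-west-3:ACCOUNT_ID:secret:"
	for _, ref := range []string{
		"awssecrets://" + arn + "SECRET_NAME?region=eu-west-3",
		"awssecrets://" + arn + "/SECRET_NAME?region=eu-west-3",
	} {
		s := splitRef(ref)
		fmt.Printf("%s\n  host=%q port=%q rest=%q portOK=%v\n  net/url: %v\n",
			ref, s.Host, s.Port, s.Rest, s.PortOK, stdlibErr(ref))
	}
}
```

In the form without the slash, the secret name lands in the port position. With the slash, the port is empty and the secret name moves into the path, so the string seen after the split no longer equals the ARN shown in the console.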
