
How do I set secrets manager entries as environment variables in the ECS service?

Answer

I am using the reference infrastructure with the ecs module. What do I need to do to load a secrets manager entry as environment variables on the ECS service?

To share a Secrets Manager entry with an ECS service, you need to do the following:

- Set `secrets_manager_arns` to include the ARN of the Secrets Manager entry. This grants read access to the secret to the task's execution IAM role (NOT the IAM role of the task). That is the right role: the ECS agent fetches the secret with the execution role when it starts the container, so the application code itself never has to call Secrets Manager.
- In the container definition for the service, add a `secrets` entry that maps an environment variable name to the secret's ARN. Refer to the [aws docs](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html) for the supported forms of `valueFrom`. E.g.:

```hcl
container_definitions = [{
  name      = "nginx"
  image     = "nginx:1.17"
  memory    = 512
  essential = true

  # Non-sensitive configuration goes in environment as plain values.
  environment = [
    { name = "TEST_NAME", value = "TEST_VALUE" }
  ]

  # Sensitive values come from Secrets Manager; the ECS agent resolves them
  # with the execution role and exposes them as environment variables.
  secrets = [
    {
      name      = "environment_variable_name"
      valueFrom = "arn:aws:secretsmanager:region:aws_account_id:secret:secret_name-AbCdEf"
    }
  ]

  portMappings = [
    {
      hostPort      = 80
      containerPort = 80
      protocol      = "tcp"
    }
  ]
}]
```

Two things to keep in mind:

- If the secret is encrypted with a customer-managed KMS key (not the default `aws/secretsmanager` key), the execution role also needs `kms:Decrypt` on that key, or the task will fail to start with an access-denied error from the agent.
- The value is read once, when the container starts. Rotating the secret does not update running tasks; you have to force a new deployment of the service for the new value to be picked up.
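The following is an added example that ties the two steps together; it is not code from this page or from the reference infrastructure. It also goes one step beyond the answer by showing how to inject individual keys of a JSON secret, using the `arn:json-key:version-stage:version-id` form of `valueFrom` that ECS supports. The module `source`, the secret name, the container name and the `aws_secretsmanager_secret*` resources are assumptions; only `secrets_manager_arns` and `container_definitions` are taken from the answer above.

```hcl
# Added example. Module source, secret name and the secret resources are
# assumptions; secrets_manager_arns and container_definitions are the two
# inputs the answer above refers to.

# The secret itself. In practice this usually lives in a separate module so
# its lifecycle is independent of the service that consumes it.
resource "aws_secretsmanager_secret" "db" {
  name = "example/app/db" # assumed name
}

# A JSON secret with several keys; ECS can inject one key at a time.
resource "aws_secretsmanager_secret_version" "db" {
  secret_id = aws_secretsmanager_secret.db.id
  secret_string = jsonencode({
    username = "app"
    password = "replace-me" # placeholder only; never commit real values
  })
}

module "ecs_service" {
  source = "../modules/ecs-service" # assumed path to the ecs module

  # 1. Grant the *execution* role permission to read the secret.
  #    The task role is not involved in injecting the secret.
  secrets_manager_arns = [aws_secretsmanager_secret.db.arn]

  # 2. Reference the secret in the container definition.
  container_definitions = [{
    name      = "app"
    image     = "nginx:1.17"
    memory    = 512
    essential = true

    # Plain, non-sensitive configuration still goes in environment.
    environment = [
      { name = "APP_ENV", value = "prod" }
    ]

    # Sensitive values: resolved by the ECS agent with the execution role at
    # container start and set as environment variables inside the container.
    secrets = [
      # Whole secret string (the JSON document) as one variable.
      {
        name      = "DB_CREDENTIALS_JSON"
        valueFrom = aws_secretsmanager_secret.db.arn
      },
      # A single key from the JSON secret:
      #   <secret-arn>:<json-key>:<version-stage>:<version-id>
      # Leaving stage and id empty selects the AWSCURRENT version.
      {
        name      = "DB_USERNAME"
        valueFrom = "${aws_secretsmanager_secret.db.arn}:username::"
      },
      {
        name      = "DB_PASSWORD"
        valueFrom = "${aws_secretsmanager_secret.db.arn}:password::"
      },
    ]

    portMappings = [
      { hostPort = 80, containerPort = 80, protocol = "tcp" }
    ]
  }]
}
```

Using the resource attribute for the ARN (rather than pasting the literal ARN) matters because Secrets Manager appends a random suffix to every secret ARN, so a hand-typed ARN without that suffix will not match. The task role only needs Secrets Manager permissions if the application itself calls the API at runtime, for example to re-read a rotated value without a redeploy.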