(core): SecretValue.ssmSecure not working without version #18729
Description
What is the problem?
When I try to use SecretValue.ssmSecure('/name'), without specifying a version, I get the following error message:
Incorrect format is used in the following SSM reference: [{{resolve:ssm-secure:/name:}}]
Reproduction Steps
Create an SSM SecureString parameter called /name. Init an app with TypeScript CDK, install "@aws-cdk/aws-amplify-alpha", change the Stack to the following and then cdk deploy:
import { Construct } from "constructs";
import { SecretValue, Stack, StackProps } from "aws-cdk-lib";
import { App, GitHubSourceCodeProvider } from "@aws-cdk/aws-amplify-alpha";
export class TestStack extends Stack {
constructor(scope: Construct, id: string, props?: StackProps) {
super(scope, id, props);
const app = new App(this, "AmplifyApp", {
appName: "test-app",
sourceCodeProvider: new GitHubSourceCodeProvider({
owner: "owner",
repository: "repo",
oauthToken: SecretValue.ssmSecure("/name"),
}),
});
}
}
What did you expect to happen?
Deploy should not have trouble receiving the value from Parameter Store.
What actually happened?
Incorrect format is used in the following SSM reference: [{{resolve:ssm-secure:/name:}}]
CDK CLI Version
2.9.0 (build a69725c)
Framework Version
2.9.0
Node.js Version
v16.13.1
OS
Windows 10
Language
Typescript
Language Version
4.5.3
Other information
When I manually changed the following lines
const parts = [parameterName, version ?? ''];
return this.cfnDynamicReference(new CfnDynamicReference(CfnDynamicReferenceService.SSM_SECURE, parts.join(':')));to
return this.cfnDynamicReference(new CfnDynamicReference(CfnDynamicReferenceService.SSM_SECURE, version ? `${parameterName}:${version}` : parameterName));it worked, so it seems that the expected form is {{resolve:ssm-secure:/name}} without the colon at the end.