Secret
Reference doc for the `sst.Secret` component.
The Secret
component lets you create secrets in your app.
Secrets are encrypted and stored in an S3 Bucket in your AWS account. If used in your app config, they’ll be encrypted in your state file as well. If used in your function code, they are encrypted and included in the bundle. They’ll are then decrypted synchronously when your function starts up by the SST SDK.
Create a secret
The name of a secret follows the same rules as a component name. It must start with a capital letter and contain only letters and numbers.
const secret = new sst.Secret("MySecret");
Set a placeholder
You can optionally set a placeholder
.
const secret = new sst.Secret("MySecret", "my-secret-placeholder-value");
Set the value of the secret
You can then set the value of a secret using the CLI.
sst secret set MySecret my-secret-value
Set a fallback for the secret
You can set a fallback value for the secret with the --fallback
flag. If the secret is
not set for a stage, it’ll use the fallback value instead.
sst secret set MySecret my-fallback-value --fallback
This is useful for PR environments that are auto-deployed.
Use the secret in your app config
You can now use the secret in your app config.
console.log(mySecret.value);
This is an Output that can be used as an Input to other components.
Link the secret to a resource
You can link the secret to other resources, like a function or your Next.js app.
new sst.aws.Nextjs("MyWeb", { link: [secret]});
Once linked, you can use the secret in your function code.
import { Resource } from "sst";
console.log(Resource.MySecret.value);
Constructor
new Secret(name, placeholder?)
Parameters
-
name
string
A placeholder value of the secret. This can be useful for cases where you might not be storing sensitive values.placeholder?
Input
<
string
>
Properties
name
Type Output
<
string
>
The name of the secret.
placeholder
Type undefined
|
Output
<
string
>
The placeholder value of the secret.
value
Type Output
<
string
>
The value of the secret. It’ll be undefined
if the secret has not been set through the CLI or if the placeholder
hasn’t been set.
SDK
Use the SDK in your runtime to interact with your infrastructure.
Links
This is accessible through the Resource
object in the SDK.
-
value
string
The value of the secret. It’ll be
undefined
if the secret has not been set through the CLI or if theplaceholder
hasn’t been set.