Secret

Reference doc for the `sst.Secret` component.

The Secret component lets you create secrets in your app.

Secrets are encrypted and stored in an S3 Bucket in your AWS account. If used in your app config, they’ll be encrypted in your state file as well. If used in your function code, they’ll be decrypted and stored in the function package.

Create a secret

The name of a secret follows the same rules as a component name. It must start with a capital letter and contain only letters and numbers.

const secret = new sst.Secret("MySecret");

Set a placeholder

You can optionally set a placeholder.

const secret = new sst.Secret("MySecret", "my-secret-placeholder-value");

Set the value of the secret

You can then set the value of a secret using the CLI.

sst secret set MySecret my-secret-value

Set a fallback for the secret

You can set a fallback value for the secret with the --fallback flag. If the secret is not set for a stage, it’ll use the fallback value instead.

sst secret set MySecret my-fallback-value --fallback

This is useful for PR environments that are auto-deployed.

Use the secret in your app config

You can now use the secret in your app config.

console.log(mySecret.value);

Link the secret to a resource

You can link the secret to other resources, like a function or your Next.js app.

new sst.aws.Nextjs("MyWeb", {
  link: [secret]
});

Once linked, you can use the secret in your function code.

import { Resource } from "sst";

console.log(Resource.MySecret.value);

Constructor

new Secret(name, placeholder?)

Parameters

name string
placeholder? string
A placeholder value of the secret. This can be useful for cases where you might not be storing sensitive values.

Properties

name

Type Output<string>

The name of the secret.

placeholder

Type Output<undefined | string>

The placeholder value of the secret.

value