How to put password as a AWS Parameter Store ARN in app.yml

Gursharan_Singh · March 12, 2024, 2:57pm

Hello,
I am running discourse setup in ec2 instance docker container. I am using external RDS Postgresql database. I want to pass on credentials as a ARN of parameter store in app.yml file. But seems like app.yml file interpreting ARN as a plain password.

Please suggest the correct way to pass on AWS ARN in app.yml file. My sample app.yml code is below:

DISCOURSE_DB_HOST: testrds.testingabcdkfd.eu-west-1.rds.amazonaws.com
  DISCOURSE_DB_NAME: dbname
  DISCOURSE_DB_USERNAME: dbusername
  DISCOURSE_DB_PASSWORD: arn:aws:ssm:us-west-1:121212121212:parameter/discourse-db-password

I also tried ARN with quotes but did not work.

Thanks in advance.

pfaffman · March 12, 2024, 3:03pm

When I’ve used RDS I’ve used the postgres password. I don’t think that you can use the ARN like you’re trying to.

Gursharan_Singh · March 12, 2024, 7:00pm

I am sure you can do it but I am not getting any post regarding this solution. Passing passwd directly in app.yml is not a secure way. Do you prefer any other method.

Thanks.

pfaffman · March 12, 2024, 7:17pm

If your database is protected by a password, you are not secure. You’ll configure networking and firewalls so that only your VM can access the database, so knowing the password doesn’t make much difference.

I’m sure that cdck/discourse.org runs plenty of sites on AWS with RDS and am fairly certain that they configure those very same variables with the password.

Topic		Replies	Views
Installation on AWS installation	14	3226	May 31, 2018
Is it possible to login into the postgres database inside the docker image? installation	6	4432	January 26, 2023
File 'containers/app.yml' is unwritable installation	11	1976	August 31, 2019
Discourse docker canot setup installation	4	1618	October 23, 2018
Using standard install, at step to edit app.yml, No app.yml installation	7	4084	June 25, 2020

How to put password as a AWS Parameter Store ARN in app.yml

Related Topics