This repository was archived by the owner on Nov 27, 2023. It is now read-only.

[Enhancement] [ECS] Environment variables "valueFrom" AWS Parameter Store and Secrets Manager #2200

Open
@os1ma

Description

Thanks for providing a great tool! I have a small proposal. AWS ECS allows environment variables to be set from AWS Systems Manager Parameter Store or AWS Secrets Manager with "valueFrom". This ECS support for compose does not seem to have a setting for this feature. It would be nice to be able to configure it like the following, in the same way as x-aws-role.

services:
  foo:
    x-aws-secrets:
      - name: ENV_VAR_NAME
        value_from: parameter-name or ARN

I found in the documentation here that we can use AWS Secrets Manager to set a secret on a file. However, it would be more convenient if we could easily set values for environment variables as described above.

Additional information you deem important (e.g. issue happens only occasionally):

I also considered a workaround to override the task definition using x-aws-cloudformation, but it was not practical. I tried to write the following configuration and convert it.

services:
  web:
    image: nginx:alpine
    ports:
      - '80:80'

x-aws-cloudformation:
  Resources:
    WebTaskDefinition:
      Properties:
        ContainerDefinitions:
          - Name: web
            Secrets:
              - Name: ENV_VAR_NAME
                ValueFrom: my-parameter

Then I got the following output, and the original ContainerDefinitions disappeared.

  WebTaskDefinition:
    Properties:
      ContainerDefinitions:
        - Name: web
          Secrets:
            - Name: ENV_VAR_NAME
              ValueFrom: my-parameter

It may be sufficient if Secrets can be set using x-aws-cloudformation without adding a configuration like x-aws-secrets. This could be solved with an implementation for #2160.

Additional environment details (AWS ECS, Azure ACI, local, etc.):

AWS ECS
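
An added example, not part of the original issue or the project's code: a merge that matches ContainerDefinitions entries by Name, so the Secrets overlay from the workaround above is added to the generated container definition instead of replacing it. The generated template is a constructed, trimmed sample, and `merge` and `_named` are hypothetical helpers.

```python
import copy

# Constructed, trimmed sample of a generated task definition for service "web".
GENERATED = {"WebTaskDefinition": {"Properties": {"ContainerDefinitions": [
    {"Name": "web", "Image": "nginx:alpine", "PortMappings": [{"ContainerPort": 80}]},
]}}}

# The overlay from the issue's x-aws-cloudformation section.
OVERLAY = {"WebTaskDefinition": {"Properties": {"ContainerDefinitions": [
    {"Name": "web", "Secrets": [{"Name": "ENV_VAR_NAME", "ValueFrom": "my-parameter"}]},
]}}}


def _named(items):
    """True when every list entry is a dict carrying a Name key."""
    return all(isinstance(i, dict) and "Name" in i for i in items)


def merge(base, overlay):
    """Hypothetical helper: deep-merge overlay into a copy of base.

    Dicts merge key by key; lists whose entries all have a Name merge entry
    by entry on that Name; anything else is replaced by the overlay value.
    """
    if isinstance(base, dict) and isinstance(overlay, dict):
        out = copy.deepcopy(base)
        for key, value in overlay.items():
            out[key] = merge(base[key], value) if key in base else copy.deepcopy(value)
        return out
    if isinstance(base, list) and isinstance(overlay, list) and _named(base) and _named(overlay):
        out = copy.deepcopy(base)
        position = {item["Name"]: i for i, item in enumerate(out)}
        for item in overlay:
            if item["Name"] in position:
                i = position[item["Name"]]
                out[i] = merge(out[i], item)
            else:
                position[item["Name"]] = len(out)
                out.append(copy.deepcopy(item))
        return out
    return copy.deepcopy(overlay)


if __name__ == "__main__":
    merged = merge(GENERATED, OVERLAY)
    print(merged["WebTaskDefinition"]["Properties"]["ContainerDefinitions"][0])
```

With this merge the secret stays a `ValueFrom` reference in the task definition, and the image and port mapping of the generated container are kept.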
