From eb8757da4715e92b604df451eae77b953e9c5c2d Mon Sep 17 00:00:00 2001 From: Wyatt Baggett Date: Mon, 16 Feb 2026 22:49:17 -0500 Subject: [PATCH] Standardizes Secrets Manager paths Updates environment secret lookups to use consolidated, stable identifiers in Secrets Manager, replacing suffixed/ephemeral references. Improves maintainability, simplifies secret rotation, and aligns configuration across environments. No functional behavior changes expected; adjusts deployment-time configuration to ensure consistent secret resolution. - Normalizes references for database connections (Mongo, Redis) - Points third-party API key to consolidated secret - Updates email credentials source - Aligns S3 access credentials references - Updates JWT signing/refresh configuration source --- .../ThriveChurchOfficialAPI/serverless.template | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/API/ThriveChurchOfficialAPI/ThriveChurchOfficialAPI/serverless.template b/API/ThriveChurchOfficialAPI/ThriveChurchOfficialAPI/serverless.template index 1358d9b..335fac7 100644 --- a/API/ThriveChurchOfficialAPI/ThriveChurchOfficialAPI/serverless.template +++ b/API/ThriveChurchOfficialAPI/ThriveChurchOfficialAPI/serverless.template @@ -17,23 +17,23 @@ "Variables": { "ASPNETCORE_ENVIRONMENT": "Production", "PORT": "8080", - "MongoConnectionString": "{{resolve:secretsmanager:thrive-api/database-hzetzL:SecretString:MongoConnectionString}}", + "MongoConnectionString": "{{resolve:secretsmanager:thrive-api/database:SecretString:MongoConnectionString}}", "TokenConnectionStringPath": "Hashables", - "EsvApiKey": "{{resolve:secretsmanager:thrive/3rd-party-eohiNX:SecretString:EsvApiKey}}", + "EsvApiKey": "{{resolve:secretsmanager:thrive/3rd-party:SecretString:EsvApiKey}}", "OverrideEsvApiKey": "false", - "EmailPW": "{{resolve:secretsmanager:thrive-api/auth-zrM22S:SecretString:EmailPassword}}", + "EmailPW": "{{resolve:secretsmanager:thrive-api/auth:SecretString:EmailPassword}}", "S3__BucketName": "thrive-audio", - "S3__AccessKey": "{{resolve:secretsmanager:thrive-api/s3-U1eiYO:SecretString:AccessKey}}", - "S3__SecretKey": "{{resolve:secretsmanager:thrive-api/s3-U1eiYO:SecretString:SecretKey}}", + "S3__AccessKey": "{{resolve:secretsmanager:thrive-api/s3:SecretString:AccessKey}}", + "S3__SecretKey": "{{resolve:secretsmanager:thrive-api/s3:SecretString:SecretKey}}", "S3__Region": "us-east-2", "S3__BaseUrl": "https://podcast.thrive-fl.org", "S3__MaxFileSizeMB": "50", - "JWT__SecretKey": "{{resolve:secretsmanager:thrive-api/auth-zrM22S:SecretString:JwtSecretKey}}", + "JWT__SecretKey": "{{resolve:secretsmanager:thrive-api/auth:SecretString:JwtSecretKey}}", "JWT__Issuer": "ThriveChurchOfficialAPI", "JWT__Audience": "ThriveChurchClients", "JWT__ExpirationMinutes": "60", "JWT__RefreshTokenExpirationDays": "7", - "RedisConnectionString": "{{resolve:secretsmanager:thrive-api/database-hzetzL:SecretString:RedisConnectionString}}", + "RedisConnectionString": "{{resolve:secretsmanager:thrive-api/database:SecretString:RedisConnectionString}}", "IpRateLimiting__EnableEndpointRateLimiting": "false", "IpRateLimiting__StackBlockedRequests": "true", "IpRateLimiting__HttpStatusCode": "429"