When I attempt to register an AWS Batch job definition with secrets from AWS Secrets Manager (specifying an execution role and secrets per the documentation)
aws batch register-job-definition \
--job-definition-name poc_secrets_job \
--region us-east-2 \
--type container \
--container-properties '{
"image": "busybox",
"vcpus": 1,
"memory": 120,
"command": [
"echo",
"Hello world"
],
"executionRoleArn": "arn:aws:iam::<AWS-ACCOUNT-ID>:role/<EXECUTION-ROLE-NAME>",
"jobRoleArn": "arn:aws:iam::<AWS-ACCOUNT-ID>:role/<EXECUTION-ROLE-NAME>",
"secrets": [{"name": "TEST_SECRET", "valueFrom": "arn:aws:secretsmanager:us-east-2:<AWS-ACCOUNT-ID>:secret:<SECRET-NAME>"}]
}'
I get the error message:
Parameter validation failed:
Unknown parameter in containerProperties: "secrets", must be one of: image, vcpus, memory, command, jobRoleArn, volumes, environment, mountPoints, readonlyRootFilesystem, privileged, ulimits, user, instanceType, resourceRequirements, linuxParameters
Unknown parameter in containerProperties: "executionRoleArn", must be one of: image, vcpus, memory, command, jobRoleArn, volumes, environment, mountPoints, readonlyRootFilesystem, privileged, ulimits, user, instanceType, resourceRequirements, linuxParameters
I've also been unable to get this to work with Terraform's aws_batch_job_definition resource.