Problem
The environment_variables block on AgentCore Agent Runtime only accepts plaintext values. There is no mechanism to reference secrets from AWS Secrets Manager (or SSM Parameter Store) that get resolved at container start time.
This is a gap compared to other AWS container services. For example, ECS task definitions support valueFrom on container environment variables, which resolves Secrets Manager ARNs or SSM Parameter Store paths when the container starts — without ever exposing the secret value in the task definition, Terraform state, or the AWS console.
Use Case
When integrating third-party services that require credentials via environment variables (observability platforms, external APIs, etc.), the current options are:
- Plaintext env vars — credentials are visible in Terraform state, terraform plan output, the AgentCore console, and the AWS API. This is undesirable for production workloads with compliance requirements.
- Runtime secret fetching — application code fetches secrets from Secrets Manager at startup and sets env vars programmatically. This works but introduces timing issues when platform-level components (e.g., ADOT auto-instrumentation) read environment variables before application code has a chance to set them.
Neither option provides the same security and ergonomics that ECS users already have.
Proposed Solution
Support an optional secret reference syntax in environment_variables that resolves Secrets Manager (and ideally SSM Parameter Store) values at container start, before any application code or auto-instrumentation runs. For example:
```python
# Pseudocode: a mapping that accepts either a plaintext string or a secret reference
environment_variables = {
    "MY_API_KEY": {"secret_arn": "arn:aws:secretsmanager:us-east-1:123456789:secret:my-key"},
    "SOME_CONFIG": "plaintext-value",  # existing behavior preserved
}
```
This would:
- Keep secrets out of Terraform state and API responses
- Ensure secrets are available as env vars before any process (including auto-instrumentation) starts
- Align with the ECS valueFrom pattern that AWS users are already familiar with
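To make the proposed semantics concrete, here is an added example (not AgentCore's, the Terraform provider's, or ECS's own code) of what the platform-side resolution step would look like: an entrypoint-style resolver that walks the environment_variables mapping, resolves {"secret_arn": ...} and {"ssm_parameter": ...} references through injected fetch callbacks, and only then execs the real command so auto-instrumentation and application code inherit already-resolved values. The reference keys "secret_arn" and "ssm_parameter", the validation regexes, and the offline stand-in fetchers are assumptions; the sample account ID is a constructed 12-digit value rather than the 9-digit one in the pseudocode above.

```python
"""Added illustration of the proposed secret-reference semantics for
environment_variables: resolve references before the application process
starts. Example code, not AgentCore's or the Terraform provider's own
implementation; reference key names and fetcher signatures are assumptions."""
import os
import re
from typing import Callable, Mapping, Union

# One entry is either a plaintext string or a dict carrying a single reference.
EnvValue = Union[str, dict]

# Secrets Manager ARN shape (assumed validation; 12-digit account ID).
SECRET_ARN_RE = re.compile(
    r"^arn:aws[\w-]*:secretsmanager:[a-z0-9-]+:\d{12}:secret:\S+$"
)
# SSM Parameter Store path shape, e.g. /prod/agent/api-key (assumed validation).
SSM_PATH_RE = re.compile(r"^/[A-Za-z0-9_./-]+$")


def resolve_environment(
    spec: Mapping[str, EnvValue],
    fetch_secret: Callable[[str], str],
    fetch_parameter: Callable[[str], str],
) -> dict:
    """Return a flat {NAME: value} dict with every reference resolved.

    fetch_secret / fetch_parameter are injected so this runs offline; a real
    entrypoint would wrap boto3's secretsmanager.get_secret_value and
    ssm.get_parameter(WithDecryption=True). Unknown entry shapes and malformed
    identifiers raise rather than silently passing through as plaintext.
    """
    resolved = {}
    for name, value in spec.items():
        if isinstance(value, str):
            resolved[name] = value  # existing plaintext behaviour preserved
        elif isinstance(value, dict) and set(value) == {"secret_arn"}:
            arn = value["secret_arn"]
            if not SECRET_ARN_RE.match(arn):
                raise ValueError(f"{name}: malformed Secrets Manager ARN")
            resolved[name] = fetch_secret(arn)
        elif isinstance(value, dict) and set(value) == {"ssm_parameter"}:
            path = value["ssm_parameter"]
            if not SSM_PATH_RE.match(path):
                raise ValueError(f"{name}: malformed SSM parameter path")
            resolved[name] = fetch_parameter(path)
        else:
            raise ValueError(f"{name}: unsupported environment_variables entry {value!r}")
    return resolved


def redact(spec: Mapping[str, EnvValue]) -> dict:
    """What plan output or a console could safely show: references stay
    references and plaintext stays plaintext, so no secret value is exposed."""
    return {k: (v if isinstance(v, str) else dict(v)) for k, v in spec.items()}


# Constructed sample spec mirroring the pseudocode in the issue.
SAMPLE_SPEC = {
    "MY_API_KEY": {"secret_arn": "arn:aws:secretsmanager:us-east-1:123456789012:secret:my-key"},
    "OTEL_EXPORTER_OTLP_HEADERS": {"ssm_parameter": "/prod/agent/otlp-headers"},
    "SOME_CONFIG": "plaintext-value",
}

# Constructed offline stand-ins for the AWS calls (values are not real secrets).
FAKE_SECRETS = {
    "arn:aws:secretsmanager:us-east-1:123456789012:secret:my-key": "sk-example-not-real"
}
FAKE_PARAMS = {"/prod/agent/otlp-headers": "api-key=example-not-real"}


def launch(argv, spec=SAMPLE_SPEC):
    """Entrypoint step: resolve first, then exec the real command with the
    merged environment, so every later process (auto-instrumentation included)
    inherits the resolved variables instead of racing application code."""
    env = dict(os.environ)
    env.update(resolve_environment(spec, FAKE_SECRETS.__getitem__, FAKE_PARAMS.__getitem__))
    os.execvpe(argv[0], argv, env)


if __name__ == "__main__":
    import sys
    launch(sys.argv[1:] or ["env"])
```

The point of doing this in an exec-before-start wrapper rather than in application code is exactly the timing issue described under "Runtime secret fetching": a process that is exec'd with the resolved environment cannot observe a window where MY_API_KEY is unset, whereas an agent that reads its configuration at import time can.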