AWS Amplify

Go to your project settings in the Infisical dashboard to generate a service token. This service token will allow you to authenticate and fetch secrets from Infisical. Once you have created a service token with the required permissions, you’ll need to provide the token to the CLI installed in your Docker container.

1. In the Amplify console, choose App Settings, and then select Environment variables.
2. In the Environment variables section, select Manage variables.
3. Under Variable, enter the key INFISICAL_TOKEN. For the value, enter the generated service token from the previous step.
4. Click save.

In the prebuild phase, add the command in AWS Amplify to install the Infisical CLI.

build:
  phases:
    preBuild:
      commands:
	- sudo curl -1sLf 'https://dl.cloudsmith.io/public/infisical/infisical-cli/setup.rpm.sh' | sudo -E bash
	- sudo yum install infisical

You can now pull secrets from Infisical using the CLI and save them as a .env file. To do this, modify the build commands.

build:
  phases:
    build:
      commands:
	- INFISICAL_TOKEN=${INFISICAL_TOKEN}
    	- infisical export --format=dotenv > .env
    	- <rest of the commands>

Follow the Infisical AWS SSM Parameter Store Integration Guide to set up the integration. Pause once you reach the step where it asks you to select the path you would like to sync.

1. Open your AWS Amplify App console.
2. Go to Actions >> View App Settings
3. The App ID will be the last part of the App ARN field after the slash.

You need to set the path in the format /amplify/[amplify_app_id]/[your-amplify-environment-name] as the path option in AWS SSM Parameter Infisical Integration.