amazon-web-services amazon-ecs aws-secrets-manager

Set AWS Secret Manager value in docker environment


We have a node application running in ECS and have local credentials in the .env file but we don't want to load credentials from the .env file due to security. Rather, we want those to be injected by AWS into the container environment. We don't want to use AWS SDK to fetch secrets in a node application. Is there any way to inject all secrets into the container environment?


Solution

  • Yes, you can specify sensitive data to be automatically fetched and injected into your container.

    You do this using the secrets parameter of your Task Definition:

    Amazon ECS enables you to inject sensitive data into your containers by storing your sensitive data in either AWS Secrets Manager secrets or AWS Systems Manager Parameter Store parameters and then referencing them in your container definition.
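The `secrets` parameter described in the answer above, shown as an added example that is not part of the original answer: it builds the `secrets` entries of a container definition from the JSON keys of one Secrets Manager secret, the matching IAM statement for the task execution role, and a check for credentials left in plaintext `environment`. The ARN, account ID, container name, image and key names are constructed placeholders, and using each JSON key as the environment variable name is an assumption of this sketch.

```javascript
// Constructed placeholder ARN; replace with the ARN of your own secret.
const SECRET_ARN =
  'arn:aws:secretsmanager:us-east-1:111122223333:secret:myapp/prod-AbCdEf';

// Build the `secrets` list for one container definition. Each JSON key stored
// in the secret becomes one environment variable of the same name (assumption).
// valueFrom format: <secret-arn>:<json-key>:<version-stage>:<version-id>;
// the last two fields are left empty to select the current version.
function buildSecrets(secretArn, jsonKeys) {
  return jsonKeys.map((key) => {
    if (!/^[A-Za-z_][A-Za-z0-9_]*$/.test(key)) {
      throw new Error(`"${key}" is not a usable environment variable name`);
    }
    return { name: key, valueFrom: `${secretArn}:${key}::` };
  });
}

// IAM statement for the task *execution* role (not the task role): the ECS
// agent reads the secret with this role before the container starts.
// A secret encrypted with a customer managed KMS key also needs kms:Decrypt.
function executionRoleStatement(secretArn) {
  return {
    Effect: 'Allow',
    Action: ['secretsmanager:GetSecretValue'],
    Resource: [secretArn],
  };
}

// Return names in plaintext `environment` that look like credentials and
// should be moved to `secrets` instead.
function plaintextCredentialNames(containerDef) {
  const suspicious = /(PASSWORD|SECRET|TOKEN|API_?KEY|PRIVATE_KEY)/i;
  return (containerDef.environment || [])
    .map((entry) => entry.name)
    .filter((name) => suspicious.test(name));
}

// Constructed sample container definition.
const containerDefinition = {
  name: 'node-app', // hypothetical container name
  image: 'example/node-app:latest', // hypothetical image
  environment: [{ name: 'NODE_ENV', value: 'production' }],
  secrets: buildSecrets(SECRET_ARN, ['DB_PASSWORD', 'API_KEY']),
};

console.log(JSON.stringify({ containerDefinitions: [containerDefinition] }, null, 2));
```

Inside the container the Node application reads the values as `process.env.DB_PASSWORD` and `process.env.API_KEY`, with no AWS SDK call. Every variable must be listed explicitly; referencing the secret ARN without a JSON key injects the whole JSON document as a single variable.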