Skip to main content

Fetch AWS secrets in a way similar to consul-env

Project description

Fetch secrets from AWS Secrets Manager similar to env-consul

Usage

usage: secrets-env [-h] [-p PREFIX] [-m] [--stdin STDIN] [-e] [-u | -l] secret [secret ...]

Return one or more secrets by either name or pattern, using Unix style glob matching. When using glob style matches then all secret names that
match the pattern will be returned. When using stdin and specifying options per pattern the options will be applied to the first match whereas multiple secrets
supplied as positional args will have the options provided as commandline arguments applied to all of them.

positional arguments:
  secret

options:
  -h, --help            show this help message and exit
  -p PREFIX, --prefix PREFIX
                        Prepend a prefix to each value
  -m, --merge-keys      Merge all secrets into one object. Secrets that are simple strings will have the last segment of their name (characters following the last /) as they key.
  --stdin STDIN         Read secret options from stdin. See details below for more info.

                        When using stdin, a subset of arguments are taken as lowercase strings matching the long version of argument names and separated by a pipe. You don't actually have to use this argument to use stdin.
                        Technically just passing data on stdin is enough.
                        Example:

                        echo 'myvar | upper | prefix TF_VAR_;' | secrets-env -

                        This is the equivalent of passing -u -p TF_VAR_ myvar as commandline arguments. Note the ending '-'. Multiple secrets are supported, with each
                        one taking its own set of arguments and separated by a semi-colon.

  -e, --env             Format output as env vars for a shell to consume
  -u, --upper           Cast secret names to upper case. Does not apply to prefixes.
  -l, --lower           Cast secret names to lower case. Does not apply to prefixes.

Examples

Basic example

~  > secrets-env -m mmoon-test/1 mmoon-test/2
{
  "test1": "test1val",
  "test2": "test2val"
}

Returning TF input variables

~  > secrets-env -m -e -p TF_VAR_  mmoon-test/1 mmoon-test/2
TF_VAR_test1=test1val
TF_VAR_test2=test2val

Passing args on stdin

You can pass multiple secrets on stdin, each with their own flags for --upper, --lower, or --prefix. --merge-keys and --env are always set os commandline flags and will be ignored if set on stdin. Note the - delimiting the end of arg input. This tells secrets-env that commandline args have ended and to start reading from stdin.

echo '
mmoon-test/1 | upper | prefix MY_PREFIX_;
mmoon-test/2 | lower | prefix stay_lower_prefix_;
' | secrets-env -me -

MY_PREFIX_MMOON_TEST_1=test1val
stay_lower_prefix_test=test2val

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

aws_secrets_env-0.1.2.tar.gz (5.6 kB view hashes)

Uploaded Source

Built Distribution

aws_secrets_env-0.1.2-py3-none-any.whl (7.1 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page