cdk-secret-manager-wrapper-layer
Project description
cdk-secret-manager-wrapper-layer
that Lambda layer uses a wrapper script to fetch information from Secrets Manager and create environmental variables.
idea from source
Example
import { App, Stack, CfnOutput, Duration } from 'aws-cdk-lib';
import { Effect, PolicyStatement } from 'aws-cdk-lib/aws-iam';
import { Function, Runtime, Code, FunctionUrlAuthType } from 'aws-cdk-lib/aws-lambda';
import { CfnSecret } from 'aws-cdk-lib/aws-secretsmanager';
import { SecretManagerWrapperLayer } from 'cdk-secret-manager-wrapper-layer';
const env = {
region: process.env.CDK_DEFAULT_REGION,
account: process.env.CDK_DEFAULT_ACCOUNT,
};
const app = new App();
const stack = new Stack(app, 'testing-stack', { env });
/**
* Example create an Secret for testing.
*/
const secret = new CfnSecret(stack, 'Mysecret', {
secretString: JSON.stringify({
KEY1: 'VALUE1',
KEY2: 'VALUE2',
KEY3: 'VALUE3',
}),
});
const layer = new SecretManagerWrapperLayer(stack, 'SecretManagerWrapperLayer');
const lambda = new Function(stack, 'fn', {
runtime: Runtime.PYTHON_3_9,
code: Code.fromInline(`
import os
def hander(events, contexts):
env = {}
env['KEY1'] = os.environ.get('KEY1', 'Not Found')
env['KEY2'] = os.environ.get('KEY2', 'Not Found')
env['KEY3'] = os.environ.get('KEY3', 'Not Found')
return env
`),
handler: 'index.hander',
layers: [layer],
timeout: Duration.minutes(1),
/**
* you need to define this 4 environment various.
*/
environment: {
AWS_LAMBDA_EXEC_WRAPPER: '/opt/get-secrets-layer',
SECRET_REGION: stack.region,
SECRET_ARN: secret.ref,
API_TIMEOUT: '5000',
},
});
/**
* Add Permission for lambda get secret value from secret manager.
*/
lambda.role!.addToPrincipalPolicy(
new PolicyStatement({
effect: Effect.ALLOW,
actions: ['secretsmanager:GetSecretValue'],
// Also you can use find from context.
resources: [secret.ref],
}),
);
/**
* For Testing.
*/
const FnUrl = lambda.addFunctionUrl({
authType: FunctionUrlAuthType.NONE,
});
new CfnOutput(stack, 'FnUrl', {
value: FnUrl.url,
});
Testing
# ex: curl https://sdfghjklertyuioxcvbnmghj.lambda-url.us-east-1.on.aws/
curl ${FnUrl}
{"KEY2":"VALUE2","KEY1":"VALUE1","KEY3":"VALUE3"}
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Close
Hashes for cdk-secret-manager-wrapper-layer-2.0.20.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | ec32a27bf37cf3b7a6f409d66d863978326b99e3a24754b0afeec39503f81f9a |
|
MD5 | 14e6397b8f17342130314bba868f4856 |
|
BLAKE2b-256 | b1d313ac92e071bbcd9faa9be7c72d37eda8f09fde93b7e75715a580029cb81d |
Close
Hashes for cdk_secret_manager_wrapper_layer-2.0.20-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | d3c82af0799598404beaf7d749b0d5e793eb4bc344c990b45d02033106348788 |
|
MD5 | 9cf14d21b0371189650e2051ca92024b |
|
BLAKE2b-256 | c073de9f9c110050c89a5dc6771f7189acd270b87b23550961fe30c83bb76e56 |