A unified interface for managing secrets across multiple cloud providers. This package includes concrete implementations for Azure Key Vault and Google Cloud Secret Manager, providing a consistent and simplified API for secret creation, retrieval, and management. It is designed to facilitate secure and efficient secret handling in cloud-based applications, promoting best practices in secret management.
Project description
Cloud Secret Manager
Cloud Secret Manager is a Python package providing a unified interface for managing secrets across multiple cloud providers. With concrete implementations for Azure Key Vault and Google Cloud Secret Manager, this package offers a consistent and simplified API for the creation, retrieval, and management of secrets, tailored for secure and efficient handling in cloud-based applications.
Project Structure
The project is organized as follows:
.
├── README.md
├── cloudsecretmanager
│ ├── __init__.py
│ ├── azure.py # Azure Key Vault implementation
│ ├── gcp.py # Google Cloud Secret Manager implementation
│ └── secret_manager.py # Abstract base class for secret managers
├── poetry.lock
├── pyproject.toml
└── tests
├── __init__.py
├── test_az_mock.py # Mock tests for Azure implementation
└── test_az_real_connection.py # Real connection tests for Azure implementation
Features
- Unified API: A single, standardized interface for interacting with different cloud secret management services.
- Cloud Provider Support: Concrete implementations for both Azure Key Vault and Google Cloud Secret Manager.
- Secure Handling: Designed to promote best practices in secret management for cloud applications.
- Easy Integration: Simplifies the process of integrating secret management into cloud-based Python applications.
Installation
This package can be installed using pip:
pip install cloudsecretmanager
Usage
To use the Cloud Secret Manager, first import the appropriate class for your cloud provider:
from cloudsecretmanager.azure import AzureKeyVaultManager
from cloudsecretmanager.gcp import GCPSecretManager
Unified API Overview
The Cloud Secret Manager package is designed with a unified API, meaning it offers a consistent set of methods and interfaces for managing secrets, regardless of the underlying cloud provider. This unified approach simplifies secret management in multi-cloud environments and makes the code more maintainable and scalable.
The same set of methods (create, get) can be used for different cloud providers. This consistency greatly simplifies the learning curve when switching between or working with multiple cloud environments.
With a unified API, you can easily switch between cloud providers without significantly altering your codebase. This flexibility is crucial for scenarios where applications might migrate or span multiple cloud services.
Azure Key Vault Example
# Create an instance of AzureKeyVaultManager
azure_manager = AzureKeyVaultManager(vault_url="https://your-vault-url.vault.azure.net/")
# Create or update a secret
azure_manager.create(secret_id="your-secret-id", payload="your-secret-value")
# Retrieve a secret
secret_value = azure_manager.get(secret_id="your-secret-id")
Google Cloud Secret Manager Example
# Create an instance of GCPSecretManager
gcp_manager = GCPSecretManager(project_id="your-gcp-project-id")
# Create or update a secret
gcp_manager.create(secret_id="your-secret-id", payload="your-secret-value")
# Retrieve a secret
secret_value = gcp_manager.get(secret_id="your-secret-id")
Testing
The package includes unit tests for both Azure and GCP implementations. These tests are designed to ensure the integrity and correctness of the package functionalities.
To run the tests, you'll need to have Python and the necessary dependencies installed. You can run the tests directly using the Python unittest module from the root directory of the project.
Follow these steps to execute the tests:
-
Navigate to the root directory of the project.
-
Run the tests using the following command:
python -m unittest discover -s tests
Contributing
Contributions to the Cloud Secret Manager are welcome! Please refer to the contributing guidelines for more information.
License
This project is licensed under the MIT License - see the LICENSE file for details.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file cloudsecretmanager-0.2.1.tar.gz.
File metadata
- Download URL: cloudsecretmanager-0.2.1.tar.gz
- Upload date:
- Size: 3.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.5.1 CPython/3.9.6 Darwin/23.1.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | b55ea70b73ec4fb0ba16b4a18a5c98dc13c46cc7ed739731deee10c2b1c7a242 |
|
| MD5 | d0dacc4c1043dd3702122fb81d2f9381 |
|
| BLAKE2b-256 | 4f0597ac281bbeb12b726dcbdbf4d1020bf6e816404ead6633af6c0e296bedb9 |
File details
Details for the file cloudsecretmanager-0.2.1-py3-none-any.whl.
File metadata
- Download URL: cloudsecretmanager-0.2.1-py3-none-any.whl
- Upload date:
- Size: 5.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.5.1 CPython/3.9.6 Darwin/23.1.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 238978183269ccc720e1496d684a7f04cd6ec23c6a15d9c337b652f43b042523 |
|
| MD5 | 64b56536ad7692f8b9a7551e21bda461 |
|
| BLAKE2b-256 | 7a49b5a8b8bc0e513ac7e8d370f1fc7f2ca8764271d32e1bcd66857deb9ca868 |
