Simplify retrieval of secrets from AWS SecretsManager. Optionally auto-memoize secrets in environment variables to improve performance and reduce costs.
Project description
Get AWS Secret
Simplify retrieval of secrets from AWS SecretsManager. Optionally auto-memoize secrets in environment variables to improve performance and reduce costs.
We built this library in Hackt to support local development of internal projects and public apps in our catalog. Learn more about other open-source libraries on lib.hackt.app.
Runtime support
This is the Python runtime library, compatible with Python3.6+. Currently there isn't support for other runtimes. A Javascript/nodejs version is planned, but unscheduled.
Installation and Usage
Install with pip: pip install get-aws-secret
from get_aws_secret import get_secret
secret_val = get_secret('MY_SECRET_DATA')
The get_secret
method also accepts a secret ARN:
secret_val = get_secret('arn:aws:secretsmanager:us-east-1:123456789012:secret:MY_SECRET_DATA')
Memoization
The library can automatically set the secret as environment variable and retrieve from there in subsequent requests.
from get_aws_secret import get_secret
secret_val = get_secret('MY_SECRET_DATA', memoize=True)
In the first run, setting memoize=True
is equivalent to running os.environ['MY_SECRET_DATA'] = secret_val
after retrieving the secret.
In subsequent calls with memoize=True
, the function will find MY_SECRET_DATA
in os.environ
and retrieve it locally . In other words, it won't hit the AWS endpoints (saves a few milliseconds and cents).
It's possible to set the behavior of memoize=True
(in fact, any other get_value argument) as the default for all requests without explicit argument:
from get_aws_secret import get_secret_fix_args
get_secret = get_secret_fix_args(memoize=True)
secret_val = get_secret('MY_SECRET_DATA')
Custom boto3.client
Optionally, set a custom boto3.client
with:
import boto3
from get_aws_secret import get_secret_fix_args
client = boto3.client('secretsmanager', region_name='my-region-1')
get_secret = get_secret_fix_args(client=client)
secret_val = get_secret('MY_SECRET_DATA')
License
This library is licensed under Apache 2.0.
Contributor guide
Please check out guidelines in the repository wiki.
Acknowledgements
Published & supported by Hackt App
Logos provided by Clearbit
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
Hashes for get_aws_secret-0.1.0b0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 333e2ca9243df731569737fdcfe51904f4f0b1918e99b5b47087c186001043de |
|
MD5 | bb6a5582a23eb20282bc4f481fbe1b2d |
|
BLAKE2b-256 | 95474b9639c2c13356016267c612f9d4e30581f46cf40a8876c8e8b98e6b03cb |