Load Pydantic v2 settings from AWS Secrets Manager and SSM Parameter Store

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for rafaelmarques from gravatar.com rafaelmarques
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: MIT
    SPDX License Expression
  • Tags aws , aws configuration , aws secrets manager , aws secrets manager python , configuration management , fastapi , parameter store python , pydantic , pydantic aws , pydantic-settings , python configuration aws , secrets management , ssm , ssm parameter store , typed configuration
  • Requires: Python >=3.10
  • Provides-Extra: dev , docs
Classifiers
Report project as malware

Project description

Pydantic Settings AWS

pydantic-settings-aws logo


CI codecov PyPI - Implementation PyPI - Python Version Pydantic v2 only PyPI - License Downloads

pydantic-settings-aws extends Pydantic Settings to load configuration from AWS Secrets Manager and SSM Parameter Store directly into type-safe Pydantic models, eliminating the need for manual boto3 parsing or environment variable mapping.

📖 Full documentation

✨ Why pydantic-settings-aws?

  • Define your configuration once using Pydantic models
  • Load secrets and parameters from AWS without manual boto3 code
  • Built-in validation, parsing, and type safety
  • Works with any AWS authentication method — profiles, SSO, IAM roles, access keys
  • Thread-safe and compatible with free-threaded Python

⚡ Quick Start

Add your secret to AWS Secrets Manager as a JSON object:

{
    "username": "admin",
    "password": "s3cr3t"
}

Then create your settings class:

from pydantic_settings_aws import AWSSettingsConfigDict, SecretsManagerBaseSettings


class MySettings(SecretsManagerBaseSettings):
    model_config = AWSSettingsConfigDict(
        secrets_name="my/secret"
    )

    username: str
    password: str


settings = MySettings()
print(settings.username)  # "admin"

That’s it, boto3 will resolve your AWS credentials automatically using its standard configuration chain.

✅ Features

  • Load settings from AWS Secrets Manager, SSM Parameter Store, or both simultaneously
  • Type-safe configuration with full IDE autocomplete via AWSSettingsConfigDict
  • Multi-region and multi-account support via per-field boto3 clients
  • Thread-safe client cache, compatible with free-threaded Python (3.13t, 3.14t)
  • Falls back to environment variables, dotenv, and secret files automatically

🔧 Requirements

Python Pydantic boto3
3.10+ v2 v1

💽 Installation

pip install pydantic-settings-aws

Or with uv:

uv add pydantic-settings-aws

📦 Usage

You can provide your own boto3 client or let pydantic-settings-aws create one for you. To learn how boto3 resolves credentials, see Configuring credentials.

🔐 Secrets Manager — with boto3 client

import boto3
from pydantic_settings_aws import AWSSettingsConfigDict, SecretsManagerBaseSettings


client = boto3.client("secretsmanager")


class MySettings(SecretsManagerBaseSettings):
    model_config = AWSSettingsConfigDict(
        secrets_name="my/secret",
        secrets_client=client
    )

    username: str
    password: str
    name: str | None = None


settings = MySettings()

Your secret content must be valid JSON with keys matching the field names:

{
    "username": "admin",
    "password": "admin",
    "name": "John"
}

📦 SSM Parameter Store

from typing import Annotated
from pydantic_settings_aws import AWSSettingsConfigDict, ParameterStoreBaseSettings


class MySettings(ParameterStoreBaseSettings):
    model_config = AWSSettingsConfigDict(aws_region="us-east-1")

    # pydantic-settings-aws looks for a parameter named "db_host"
    db_host: str

    # explicit parameter name via Annotated
    db_port: Annotated[str, "/myapp/prod/db/port"]

🙋🏾‍♂️ Secrets Manager — with AWS profile

from pydantic_settings_aws import AWSSettingsConfigDict, SecretsManagerBaseSettings


class MySettings(SecretsManagerBaseSettings):
    model_config = AWSSettingsConfigDict(
        secrets_name="my/secret",
        aws_region="us-east-1",
        aws_profile="dev"
    )

    username: str
    password: str

🔑 Secrets Manager — with access key

from pydantic_settings_aws import AWSSettingsConfigDict, SecretsManagerBaseSettings


class MySettings(SecretsManagerBaseSettings):
    model_config = AWSSettingsConfigDict(
        secrets_name="my/secret",
        aws_region="us-east-1",
        aws_access_key_id="aws_access_key_id",
        aws_secret_access_key="aws_secret_access_key",
        aws_session_token="aws_session_token"
    )

    username: str
    password: str

🔒 Secrets Manager — with AWS IAM Identity Center (SSO)

aws sso login --profile my-profile

from pydantic_settings_aws import AWSSettingsConfigDict, SecretsManagerBaseSettings


class MySettings(SecretsManagerBaseSettings):
    model_config = AWSSettingsConfigDict(
        secrets_name="my/secret"
    )

    username: str
    password: str

👩🏼‍⚖️ License

This project is licensed under the terms of the MIT license.

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for rafaelmarques from gravatar.com rafaelmarques
Meta

Unverified details

These details have not been verified by PyPI
Meta
  • License Expression: MIT
    SPDX License Expression
  • Tags aws , aws configuration , aws secrets manager , aws secrets manager python , configuration management , fastapi , parameter store python , pydantic , pydantic aws , pydantic-settings , python configuration aws , secrets management , ssm , ssm parameter store , typed configuration
  • Requires: Python >=3.10
  • Provides-Extra: dev , docs
Classifiers

Release history Release notifications | RSS feed

1.2.0b1 pre-release

This version

1.1.0

1.0.0

1.0.0b1 pre-release

0.1.2

0.1.1

0.1.0

0.0.2

0.0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pydantic_settings_aws-1.1.0.tar.gz (475.5 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

pydantic_settings_aws-1.1.0-py3-none-any.whl (13.7 kB view details)

Uploaded Python 3

File details

Details for the file pydantic_settings_aws-1.1.0.tar.gz.

File metadata

  • Download URL: pydantic_settings_aws-1.1.0.tar.gz
  • Upload date:
  • Size: 475.5 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for pydantic_settings_aws-1.1.0.tar.gz
Algorithm Hash digest
SHA256 c3da161e3f118b55e6e018e2f5819bae23728bb1f4138008dea4eb44c4eaa13d
MD5 3bf53fddad20b171505653fe9c954dd8
BLAKE2b-256 416518f2644acc3e852600bc7984c68697457c5cf7fbc142ab0e49c7aa5c0992

See more details on using hashes here.

Provenance

The following attestation bundles were made for pydantic_settings_aws-1.1.0.tar.gz:

Publisher: ci.yml on ceb10n/pydantic-settings-aws

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file pydantic_settings_aws-1.1.0-py3-none-any.whl.

File metadata

File hashes

Hashes for pydantic_settings_aws-1.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 3b9682cf736d9d80d19258f81dec3582c27d24800b5cabda92552eebc1fb93eb
MD5 dffcc4dac6f172318bfc1b3dc359498f
BLAKE2b-256 1625ada5c2e2cd0005a9e9e069606e2bd8672ee7bfc81951468b41abee3cfc35

See more details on using hashes here.

Provenance

The following attestation bundles were made for pydantic_settings_aws-1.1.0-py3-none-any.whl:

Publisher: ci.yml on ceb10n/pydantic-settings-aws

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page