SecretManager class to retrieve secrets from AWS System Manager Parameter Store
Project description
AWS SSM Parameter Store SecretManager class
This class provides some functions for retrieving secrets / parameters stored in AWS Parameter Store
Getting started
pip install ssm_secret_manager
Create a SecretManager instance
from ssm_secret_manager import SecretManager
CONFIG = {
'region_name': 'us-east-1',
'SECRETS': {
'secret_name_1': 'secret_key_1_in_parameter_store',
'secret_name_2': 'secret_key_2_in_parameter_store'
}
}
secret_manager = SecretManager(
region_name=CONFIG['region_name'],
secrets_mapping=CONFIG['SECRETS']
)
SecretManager will fetch the value from parameter store based on the key defined in the secrets_mapping dictionary, and set the value of the parameter to the secret name.
# subsequently, you access the secret via the following line
secret_value_1 = secret_manager.get_secret('secret_name_1')
secret_value_2 = secret_manager.get_secret('secret_name_2')
Common Question
-
Encountered ParameterNotFound
- Make sure the secret is being defined in the correct region in AWS, and your AWS profile has the permission to view the secret (i.e. correct IAM role permission)
-
What is the differences between
secret_name
andsecret_key_in_parameter_store
shown in the code example?-
secret_key_in_parameter_store
is the name of the parameter in AWS Parameter Store -
secret_name
allows you to have a common variable / key name to access to the value of secret given different environment -
For example, you have a
secret_name
-DB_PASSWORD
. In dev environment yoursecret_key_in_parameter_store
might be set toDEV_DB_PASSWORD
while your prod environment it's set toPROD_DB_PASSWORD
. Using SecretManager, you can retrieve the value for different environment using the common key nameDB_PASSWORD
, i.e.
secret_manager.get_secret('DB_PASSWORD')
-
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for ssm_secret_manager-0.1.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | da84a1da5ff95bb9fb0e042029ad2a7b43d34785b8f0523d8f048fc04d40ff20 |
|
MD5 | b791d3cf927b9d601a74eb36410ab8d2 |
|
BLAKE2b-256 | 9a9cd7191c85433c707d15acef22a20098aad91ee78bd1ffbcc496dfc242e129 |