SecretManager class to retrieve secrets from AWS System Manager Parameter Store
Project description
AWS SSM Parameter Store SecretManager class
This class provides some functions for retrieving secrets / parameters stored in AWS Parameter Store
Getting started
pip install ssm_secret_manager
Create a SecretManager instance
from ssm_secret_manager import SecretManager
CONFIG = {
'region_name': 'us-east-1',
'SECRETS': {
'secret_name_1': 'secret_key_1_in_parameter_store',
'secret_name_2': 'secret_key_2_in_parameter_store'
}
}
secret_manager = SecretManager(
region_name=CONFIG['region_name'],
secrets_mapping=CONFIG['SECRETS']
)
SecretManager will fetch the value from parameter store based on the key defined in the secrets_mapping dictionary, and set the value of the parameter to the secret name.
# subsequently, you access the secret via the following line
secret_value_1 = secret_manager.get_secret('secret_name_1')
secret_value_2 = secret_manager.get_secret('secret_name_2')
Common Question
-
Encountered ParameterNotFound
- Make sure the secret is being defined in the correct region in AWS, and your AWS profile has the permission to view the secret (i.e. correct IAM role permission)
-
What is the differences between
secret_name
andsecret_key_in_parameter_store
shown in the code example?-
secret_key_in_parameter_store
is the name of the parameter in AWS Parameter Store -
secret_name
allows you to have a common variable / key name to access to the value of secret given different environment -
For example, you have a
secret_name
-DB_PASSWORD
. In dev environment yoursecret_key_in_parameter_store
might be set toDEV_DB_PASSWORD
while your prod environment it's set toPROD_DB_PASSWORD
. Using SecretManager, you can retrieve the value for different environment using the common key nameDB_PASSWORD
, i.e.
secret_manager.get_secret('DB_PASSWORD')
-
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for ssm_secret_manager-0.1.1-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 07caf5c82cd3337681ac6c7402c83a6688e6b4cc8676ec4312fd459cc0cfdfe3 |
|
MD5 | 31ad1a51d2d8ab110a04fc684f30c184 |
|
BLAKE2b-256 | 19e6dd6c4ede961f2f23fe97f326007a4f366b6768733af41a9ef7e3f61603cc |