Fetch a value from various sources, e.g AWS Secrets Manager and SSM Parameter Store
Project description
Value fetcher
Introduction
Python module to fetch values from multiple sources with optional defaults, including:
- Environment variables
- AWS Systems Manager (SSM) Parameter Store
- AWS Secrets Manager
Usage
Install the package with the following:
pip install value-fetcher
Fetching values directly
In this use case, the value fetcher package makes it convenient to fetch values from the supported sources in a consistent and simplified manner.
from value_fetcher import ValueFetcher
# Instantiate value fetcher class
fetcher = ValueFetcher()
# Retrieve values from supported AWS sources
my_secret = fetcher.get_from_aws_secrets_manager('/my/secret/key')
my_param = fetcher.get_from_aws_ssm_parameter_store('/my/parameter/key')
Configuring source locations dynamically
In this use case, environment variables are used to configure the sources for multiple keys. This is useful in more complex applications where lots of values need to be fetched and the source needs to be configured dynamically. See this contact form handler repository for example usage.
Environment variables can be appended to the configuration key name, setting the source of the value. These are:
_PARAMETER_STORE_NAME
- for AWS SSM Parameter Store_SECRETS_MANAGER_NAME
- for AWS Secrets Manager
One of the available configuration sources for each value must also be set by setting an environment variable ending with _SOURCE
for the value name:
env
- Environment variables (default)aws_ssm_parameter_store
- AWS Systems Manager (SSM) Parameter Storeaws_secrets_manager
- AWS Secrets Manager
For example, to fetch MY_PARAM
from AWS SSM Parameter Store and MY_SECRET
from AWS Secrets Manager, consider the following python script (e.g. app.py
) called subsequently by a shell script:
# This file is app.py for example
from value_fetcher import ValueFetcher
# Instantiate value fetcher class, with optional defaults if values cannot be found
fetcher = ValueFetcher({
'MY_PARAM': 'Default value if none can be found',
})
# Retrieve values from supported AWS sources
my_secret = fetcher.get('MY_SECRET')
my_param = fetcher.get('MY_PARAM')
print(my_secret)
print(my_param)
The above scripts would be called by the following shell script:
#!/usr/bin/bash
MY_PARAM_SOURCE="aws_ssm_parameter_store"
MY_PARAM_PARAMETER_STORE_NAME="/my/parameter/store/key/name"
MY_SECRET_SOURCE="aws_secrets_manager"
MY_SECRET_SECRETS_MANAGER_NAME="my/secrets/manager/key/name"
export MY_PARAM_SOURCE MY_PARAM_PARAMETER_STORE_NAME
export MY_SECRET_SOURCE MY_SECRET_SECRETS_MANAGER_NAME
# For AWS ensure credentials are available, e.g. with AWS SSO, aws-vault, aws-profile etc.
python app.py
Development
This project uses Poetry for package management. After cloning, run:
./scripts/poetry.sh
to install dependencies for local development and running tests, etc.
Tests
To run static code analysers and unit tests:
./scripts/validate.sh
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for value_fetcher-1.0.2-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 105e45d38e34dc4972585643e54fc5e2b0cf9fd43f63314bdf5460657692e6f3 |
|
MD5 | 56b237a80295ac531969be6495ef4db7 |
|
BLAKE2b-256 | 36970cf40958bbc4e909999c06e5663d6ad3d08d3d0e4a1b8e2a5f94e08ef585 |