awssecretcache

package
v1.101.18

This package is not in the latest version of its module.

Published: Dec 5, 2024 License: MIT Imports: 9 Imported by: 0

Documentation

Overview

Package awssecretcache provides a simple client for retrieving and caching secrets from AWS Secrets Manager.

This package is based on the official aws-sdk-go-v2 library (https://pkg.go.dev/github.com/aws/aws-sdk-go-v2/service/secretsmanager) and implements github.com/Vonage/gosrvlib/pkg/sfcache to provide a simple, local, thread-safe, fixed-size, and single-flight cache for AWS Secrets lookup calls.

By caching previous values, awssecretcache improves the performance of secrets lookup by eliminating the need for repeated expensive requests.

This package provides a local in-memory cache with a configurable maximum number of entries. The fixed size helps with efficient memory management and prevents excessive memory usage. The cache is thread-safe, allowing concurrent access without the need for external synchronization. It efficiently handles concurrent requests by sharing results from the first lookup, ensuring that only one request makes the expensive call, and avoiding unnecessary network load or resource starvation. Duplicate calls for the same key will wait for the first call to complete and return the same value.

Each cache entry has a set time-to-live (TTL), so it will automatically expire. However, it is also possible to force the removal of a specific entry or reset the entire cache.

This package is ideal for any Go application that heavily relies on AWS Secrets lookups.
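The single-flight and TTL behaviour described in this overview, modelled as an added example; it is not the package's own code and does not use its API. `ttlCache`, `entry`, `demo` and the `app/db` key are hypothetical names, `fetch` stands in for the Secrets Manager call, and the fixed-size eviction is left out.

```go
package main

import (
	"fmt"
	"sync"
	"time"
)

type entry struct {
	once    sync.Once // runs the backend call exactly once per entry
	val     string
	expires time.Time
}
type ttlCache struct { // hypothetical model: single-flight and TTL only, no size limit
	mu    sync.Mutex
	ttl   time.Duration
	items map[string]*entry
	calls int                     // backend calls started so far
	fetch func(key string) string // stands in for the Secrets Manager call
}

func (c *ttlCache) Get(key string) string {
	c.mu.Lock()
	e, ok := c.items[key]
	if !ok || time.Now().After(e.expires) { // missing or expired: start a new flight
		e = &entry{expires: time.Now().Add(c.ttl)}
		c.items[key], c.calls = e, c.calls+1
	}
	c.mu.Unlock()
	e.once.Do(func() { e.val = c.fetch(key) }) // first caller fetches, the rest wait here
	return e.val
}
func (c *ttlCache) Remove(key string) { c.mu.Lock(); delete(c.items, key); c.mu.Unlock() }

func demo() (int, string, string) { // backend calls for 20 reads, value after rotation, value after Remove
	current := "v1" // constructed sample secret value
	c := &ttlCache{ttl: time.Minute, items: map[string]*entry{}, fetch: func(string) string { return current }}
	var wg sync.WaitGroup
	for i := 0; i < 20; i++ {
		wg.Add(1)
		go func() { defer wg.Done(); c.Get("app/db") }()
	}
	wg.Wait()
	n := c.calls
	current = "v2" // the secret is rotated upstream
	stale := c.Get("app/db")
	c.Remove("app/db")
	return n, stale, c.Get("app/db")
}
func main() { fmt.Println(demo()) }
```

The TTL therefore bounds how long a rotated or revoked secret value can still be returned from the cache, which is the trade-off to weigh when choosing it.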

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Cache

type Cache struct {
	// contains filtered or unexported fields
}

Cache is a wrapper for the SecretsManager client in the AWS SDK.

func New

func New(ctx context.Context, size int, ttl time.Duration, opts ...Option) (*Cache, error)

New creates a new instance of the AWS SecretsManager cache.

func (*Cache) GetSecretBinary

func (c *Cache) GetSecretBinary(ctx context.Context, key string) ([]byte, error)

GetSecretBinary retrieves the decrypted binary value of the specified secret key (SecretId). If the secret is stored as a string, it will be converted to a byte slice. Uses: GetSecretData.

func (*Cache) GetSecretData

func (c *Cache) GetSecretData(ctx context.Context, key string) (*awssm.GetSecretValueOutput, error)

GetSecretData retrieves the data of the specified secret key (SecretId). Duplicate calls for the same key will wait for the first external call to complete (single-flight). It also handles the case where the cache entry is removed or updated during the wait. The function returns the cached value if available; otherwise, it performs a new external call. If the external call is successful, it updates the cache with the newly obtained value.

func (*Cache) GetSecretString

func (c *Cache) GetSecretString(ctx context.Context, key string) (string, error)

GetSecretString retrieves the decrypted string value of the specified secret key (SecretId). If the secret is stored as binary, it will be converted to a string. Uses: GetSecretData.

func (*Cache) Len

func (c *Cache) Len() int

Len returns the number of items in the cache.

func (*Cache) Remove

func (c *Cache) Remove(key string)

Remove removes the cache entry for the specified key.

func (*Cache) Reset

func (c *Cache) Reset()

Reset clears the whole cache.

type Option

type Option func(*cfg)

Option is a type to allow setting custom client options.

func WithAWSOptions

func WithAWSOptions(opt awsopt.Options) Option

WithAWSOptions allows adding arbitrary AWS options.

func WithEndpointImmutable

func WithEndpointImmutable(url string) Option

WithEndpointImmutable sets an immutable endpoint.

func WithEndpointMutable

func WithEndpointMutable(url string) Option

WithEndpointMutable sets a mutable endpoint.

func WithSecretsManagerClient

func WithSecretsManagerClient(smclient SecretsManagerClient) Option

WithSecretsManagerClient overrides the AWS secretsmanager.Client with a custom one.

func WithSrvOptionFuncs

func WithSrvOptionFuncs(opt ...SrvOptionFunc) Option

WithSrvOptionFuncs allows specifying service-specific options.

type SecretsManagerClient

type SecretsManagerClient interface {
	GetSecretValue(ctx context.Context, params *awssm.GetSecretValueInput, optFns ...func(*awssm.Options)) (*awssm.GetSecretValueOutput, error)
}

SecretsManagerClient represents the mockable functions in the AWS SDK Secrets Manager client.

type SrvOptionFunc

type SrvOptionFunc = func(*secretsmanager.Options)

SrvOptionFunc is an alias for this service option function.
