awssecretmanager

package module

v0.0.0-...-3bdb644 Latest Latest Go to latest Published: Oct 15, 2024 License: MIT Imports: 11 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/vincentkerdraon/configo

Links

Open Source Insights

Documentation ¶

Overview ¶

Package awssecretmanager helps loading a secret from https://aws.amazon.com/secrets-manager/

Helper for the default format available from the console:

plain text
JSON.

Rotation state:

disable: there is only one value.
enable: a lambda is rotating the secret. Retriving values for the stages: Previous + Current + Pending

When the rotation is disabled, this package will return the Current value for all the stages.

Check also the go lambda package to rotate the secret.

Index ¶

func New(svcSecretManager AWSSecretsManager, opts ...OptionsF) *impl
type AWSSecretsManager
type Cache
type Manager
type Options
type OptionsF

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func New ¶

func New(svcSecretManager AWSSecretsManager, opts ...OptionsF) *impl

New creates a manager.

svcSecretManager is the AWS service.

Types ¶

type AWSSecretsManager ¶

type AWSSecretsManager interface {
	//GetSecretValueWithContext grabs the secrets. In case of error, it will retry as per the AWS session configuration.
	GetSecretValueWithContext(ctx context.Context, input *secretsmanager.GetSecretValueInput, opts ...request.Option) (*secretsmanager.GetSecretValueOutput, error)
}

type Cache ¶

type Cache interface {
	Add(key, value interface{})
	Get(key interface{}) (value interface{}, ok bool)
}

type Manager ¶

type Manager interface {
	LoadValueWhenJSON(ctx context.Context, secretName string, secretKey string) (_ *secretrotation.Secret, fromCache bool, _ error)
	LoadValueWhenPlainText(ctx context.Context, secretName string) (_ *secretrotation.Secret, fromCache bool, _ error)
	LoadRotatingSecretWhenJSON(ctx context.Context, secretName string, secretKey string) (_ *secretrotation.RotatingSecret, fromCache bool, _ error)
	LoadRotatingSecretWhenPlainText(ctx context.Context, secretName string) (_ *secretrotation.RotatingSecret, fromCache bool, _ error)
}

type Options ¶

type Options struct {
	Logger      *slog.Logger
	Cache       Cache
	ImplCacheID string
	Lock        lock.Locker
}

type OptionsF ¶

type OptionsF func(o *Options)

func WithCache ¶

func WithCache(c Cache, implCacheID string) OptionsF

WithCache adds a caching layer to avoid calling many time the same secret in a row, for example for JSON document secrets.

A cache with TTL is recommended to increase speed and reduce cost. See cachelruttl.

Set implCacheID in the case of the same cache used in different implementation. To avoid key collision. Can be empty.

func WithLock ¶

func WithLock(l lock.Locker) OptionsF

WithLock for a lock when changing values

func WithLogger ¶

func WithLogger(l *slog.Logger) OptionsF

WithLogger to show information about the processing steps

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
awssecretmanagerlib module
awssecretmanagerrotationlambda module
cachelruttl module

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL