Class: GemOps::AWS::SecretsManager

Inherits:
Object
  • Object
Defined in:
lib/gemops/aws/SecretsManager.rb

Overview

Various SecretsManager Actions

Instance Method Summary collapse

Constructor Details

#initialize(environment = 'shared') ⇒ SecretsManager

The default constructor

Parameters:

  • : (String)

    environment

Raises:

  • (Aws::SecretsManager::Errors::ServiceError)


# File 'lib/gemops/aws/SecretsManager.rb', line 13

# Builds the Secrets Manager client for the given environment.
#
# Credentials come from GemOps::AWS::Sts#assume_role(environment) and the
# client region is fixed to us-east-1. Any error raised while assuming the
# role or constructing the client propagates to the caller unchanged.
#
# @param environment [String] environment name handed to assume_role
# @raise [Aws::SecretsManager::Errors::ServiceError, StandardError]
def initialize(environment = 'shared')
    LOGGER.info('Initializing The Secrets Manager Client')
    assumed_credentials = GemOps::AWS::Sts.new.assume_role(environment)
    client_options = { region: 'us-east-1', credentials: assumed_credentials }
    @secrets_manager_client = Aws::SecretsManager::Client.new(client_options)
end

Instance Method Details

#list_secrets ⇒ Array

Lists all the secrets, following pagination, and returns them as a single non-paginated array

Returns:

  • (Array)

    : secrets_list

Raises:

  • (Aws::SecretsManager::Errors::ServiceError, StandardError)


# File 'lib/gemops/aws/SecretsManager.rb', line 32

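# Lists every secret visible to the client, following pagination to the end.
#
# Each page's :secret_list entries are collected before the :next_token check,
# so the last page (and a listing that fits in a single page) is included; the
# previous loop only kept pages that carried a next token and so dropped the
# final page. Pages are requested 10 entries at a time.
#
# Nothing is written to stdout: library code should not print pagination
# tokens or other API response details to whatever stream the caller owns.
#
# @return [Array] entries taken from response.to_h[:secret_list], in page order
# @raise [Aws::SecretsManager::Errors::ServiceError, StandardError]
def list_secrets
    request_params = { max_results: 10 }
    all_the_secrets = []
    loop do
        page = @secrets_manager_client.list_secrets(request_params).to_h
        # A page without a :secret_list key contributes nothing.
        all_the_secrets.concat(page[:secret_list] || [])
        next_token = page[:next_token]
        # A nil or empty token means there is no further page to request.
        break if next_token.nil? || next_token.empty?

        request_params[:next_token] = next_token
    end
    all_the_secrets
end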

#retrieve_aws_secret(secret_path, secret_key) ⇒ String

Retrieves An AWS Secrets Manager Secret

Parameters:

  • : (String)

    secret_path

  • : (String)

    secret_key

Returns:

  • (String)

    : Retrieved AWS Secret

Raises:

  • (Aws::SecretsManager::Errors::ServiceError, StandardError)


# File 'lib/gemops/aws/SecretsManager.rb', line 92

# Fetches one secret from AWS Secrets Manager and returns a single field of it.
#
# The secret string is parsed as JSON and the value stored under secret_key is
# returned. The return value is plaintext secret material: keep it out of logs
# and exception messages. Errors from the client or the JSON parser propagate
# to the caller unchanged.
#
# @param secret_path [String] passed to get_secret_value as secret_id
# @param secret_key [String] key to read from the parsed JSON document
# @return [String] the value found under secret_key
# @raise [Aws::SecretsManager::Errors::ServiceError, StandardError]
def retrieve_aws_secret(secret_path, secret_key)
    request = { secret_id: secret_path }
    response = @secrets_manager_client.get_secret_value(request)
    secret_document = JSON.parse(response.secret_string)
    secret_document[secret_key]
end

#retrieve_aws_secrets_as_hash(secret_paths) ⇒ Hash

Retrieves Secrets From A List

Parameters:

  • : (Array)

    secret_paths

Returns:

  • (Hash)

Raises:

  • (Aws::SecretsManager::Errors::ServiceError, StandardError)


# File 'lib/gemops/aws/SecretsManager.rb', line 66

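# Fetches each secret in secret_paths and maps its userName to its password.
#
# Fixes two defects in the previous body: it iterated over `secrets_paths`,
# a name that is not the `secret_paths` parameter, so every call failed with
# a NameError; and it called get_secret_value twice per path (once for each
# field), doubling the API calls and allowing the two fields to come from
# different reads of the secret. Each secret is now read and parsed once.
#
# The returned hash holds plaintext passwords: keep it out of logs, exception
# messages and inspect output. If two secrets share a userName, the later
# path in the list wins.
#
# @param secret_paths [Array] secret ids to read; nil is treated as empty
# @return [Hash] userName => password, one entry per distinct userName
# @raise [Aws::SecretsManager::Errors::ServiceError, StandardError]
def retrieve_aws_secrets_as_hash(secret_paths)
    Array(secret_paths).each_with_object({}) do |secret_path, secrets_hash|
        response = @secrets_manager_client.get_secret_value({ secret_id: secret_path })
        secret_document = JSON.parse(response.secret_string)
        secrets_hash[secret_document['userName']] = secret_document['password']
    end
end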