Class: SimplyGenius::Atmos::Providers::Aws::SsmSecretManager

Inherits:

Object

• Object
• SimplyGenius::Atmos::Providers::Aws::SsmSecretManager

Includes:

GemLogger::LoggerSupport

Defined in:

lib/simplygenius/atmos/providers/aws/ssm_secret_manager.rb

Instance Method Summary

• #delete(key) ⇒ Object
• #get(key) ⇒ Object
• #initialize(provider) ⇒ SsmSecretManager constructor

  A new instance of SsmSecretManager.

• #set(key, value, force: false) ⇒ Object
• #to_h ⇒ Object

Constructor Details

#initialize(provider) ⇒ SsmSecretManager

Returns a new instance of SsmSecretManager.

# File 'lib/simplygenius/atmos/providers/aws/ssm_secret_manager.rb', line 12

def initialize(provider)
  @provider = provider
  @path_prefix = "#{Atmos.config[:secret][:prefix]}"
  @encrypt = Atmos.config[:secret][:encrypt]
end

Instance Method Details

#delete(key) ⇒ Object

# File 'lib/simplygenius/atmos/providers/aws/ssm_secret_manager.rb', line 39

def delete(key)
  client.delete_parameter(name: param_name(key))
end

#get(key) ⇒ Object

# File 'lib/simplygenius/atmos/providers/aws/ssm_secret_manager.rb', line 34

def get(key)
  resp = client.get_parameter(name: param_name(key), with_decryption: @encrypt)
  resp.parameter.value
end

#set(key, value, force: false) ⇒ Object

# File 'lib/simplygenius/atmos/providers/aws/ssm_secret_manager.rb', line 18

def set(key, value, force: false)
  opts = {}

  param_name = param_name(key)
  param_type = @encrypt ? "SecureString" : "String"
  param_value = value

  if value.is_a?(Array)
    raise "AWS SSM Parameter Store cannot encrypt lists directly" if @encrypt
    param_type = "StringList"
    param_value = value.join(",")
  end

  client.put_parameter(name: param_name, value: param_value, type: param_type, overwrite: force)
end

#to_h ⇒ Object

# File 'lib/simplygenius/atmos/providers/aws/ssm_secret_manager.rb', line 43

def to_h
  result = {}
  next_token = nil
  loop do
    # max_results can't be greater than 10, which is the default
    resp = client.get_parameters_by_path(path: param_name(""),
                                         next_token: next_token,
                                         recursive: true, with_decryption: @encrypt)
    resp.parameters.each do |p|
      key = p.name.gsub(/^#{param_name("")}/, '')
      result[key] = p.value
    end

    next_token = resp.next_token
    break if next_token.nil?
  end

  return result
end