GitLocker: The Coding Marketplace

Description:

datacocosecretsmanager 0.1.4

datacoco-secretsmanager provides basic interaction with the Amazon Web
Service (AWS) Secrets Manager service.

Installation
datacoco-secretsmanager requires Python 3.6+
python3 -m venv venv
source venv/bin/activate
python -m pip install datacoco_secretsmanager

Quickstart
datacoco-secretsmanager utilizes the boto3 library to interact with the AWS Secrets Manager service, requiring AWS credentials configuration. Lookup of credentials by boto3 is documented here.
Based on how you store your AWS credentials, you can use datacoco-secretsmanager in the following ways.
If you have AWS credentials stored in the default
~/.aws/credentials, instantiate a SecretsManager class using:
from datacoco_secretsmanager import SecretsManager

sm = SecretsManager()
You can also pass in AWS authentication keys directly:
from datacoco_secretsmanager import SecretsManager

sm = SecretsManager(

aws_access_key_id,

aws_secret_access_key,

aws_role_arn, # only required if you are using role based access

)
Otherwise, if you are running on an Amazon EC2 instance, and credentials are not passed in either way above, you can have boto3 load credentials from the instance metadata service.
datacoco-secretsmanager will then assume the same IAM role as you specified when you launched your EC2 instance.

One Secret
Store a secret in AWS Secrets manager:
AWS Secret name
<AWS-secret-name-for-connection>
| Key | Value |
| ---------- | -------------|
| <db-name> | <db-name> |
| <user> | <user-name> |
| <host> | <host> |
| <port> | <port-value> |
| ... | ... |
To fetch a single secret, use:
sm.get_secret(<aws_secret_resource_name>)

Many Secrets
For a project, you may have more than one secret or credentials for more
than one system.
You can handle by storing key/value mapping for all required credentials
in an AWS secret for the project, then further store credentials in a
separate AWS secret for each credential name indicated in a key’s value.
For example, storing a single AWS secret to map or provide lookup to all
required system/db connections is known as the cfg_store name in our
module:
AWS Secret name
<project-name>/<environment>
Note: If using environment, environment variable named ENVIRONMENT
should be stored and assigned with the same environment name indicated in your AWS secret name.
Additionally, if working in organization with multiple teams using AWS
Secrets Manager, you can further denote secrets per team, by using
naming convention:
<team-name>/<project-name>/<environment>.
Store key/values for your cfg_store with the following:
| Key | Value |
| --------------------- | ----------------------------------- |
| <db-connection1-name> | <AWS-secret-name-for-db-connection1>|
| <db-connection2-name> | <AWS-secret-name-for-db-connection2>|
For each Secret value in your cfg_store, store the full credentials in
an additional AWS Secret, ie:
AWS Secret name
<AWS-secret-name-for-db-connection1>
| Key | Value |
| ---------- | -------------|
| <db-name1> | <db-name1> |
| <user> | <user-name> |
| <host> | <host> |
| <port> | <port-value> |
| ... | ... |
AWS Secret name
<AWS-secret-name-for-db-connection2>
| Key | Value |
| ---------- | -------------|
| <db-name2> | <db-name2> |
| <user> | <user-name> |
| <host> | <host> |
| <port> | <port-value> |
| ... | ... |
To fetch secrets for a full project/cfg store, use:
sm.get_config(

project_name='your-project-name',

team_name='your-team-name', # include only if you want to save as part of your cfg_store name

)

Development

Getting Started
It is recommended to use the steps below to set up a virtual environment for development:
python3 -m venv <virtual env name>
source <virtual env name>/bin/activate
pip install -r requirements.txt

Testing
pip install -r requirements-dev.txt
To run the testing suite, simply run the command: tox or python -m unittest discover tests

Contributing
Contributions to datacoco_secretsmanager are welcome!
Please reference guidelines to help with setting up your development
environment
here.