aws-sdk#SecretsManager TypeScript Examples

The following examples show how to use aws-sdk#SecretsManager. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: awsUtils.ts    From aws-secrets-manager-action with MIT License 6 votes vote down vote up
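/**
 * Collects the names of all secrets returned by `listSecretsPaginated`,
 * following `NextToken` until no further page is reported.
 *
 * Entries that carry a `DeletedDate` field are skipped.
 *
 * @param secretsManagerClient - client handed through to `listSecretsPaginated`
 * @returns the names of every non-deleted secret across all pages
 */
listSecrets = async (secretsManagerClient: SecretsManager): Promise<Array<string>> => {
  const allSecretNames: string[] = []
  let nextToken: string = null
  do {
    // Each page is awaited before the loop condition is evaluated. A
    // synchronous do/while around an un-awaited promise tests the token while
    // it is still null, so only the first page would ever be returned and
    // later filtering would silently miss secrets on the remaining pages.
    const res = await listSecretsPaginated(secretsManagerClient, nextToken)

    // A page without a SecretList contributes nothing instead of throwing.
    for (const secret of res['SecretList'] || []) {
      if (!('DeletedDate' in secret)) {
        allSecretNames.push(secret['Name'])
      }
    }

    // Continue only if the service reported another page.
    nextToken = 'NextToken' in res ? res['NextToken'] : null
  } while (nextToken)
  return allSecretNames
}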
Example #2
Source File: awsUtils.ts    From aws-secrets-manager-action with MIT License 6 votes vote down vote up
/**
 * Resolves the list of secret names to fetch for the given inputs.
 *
 * The full listing from `listSecrets` is passed through `filterBy` once per
 * input name, and the combined matches are de-duplicated.
 * NOTE(review): whether an input that matches nothing in the listing is
 * dropped depends on `filterBy`, which is not visible here; confirm.
 *
 * @param secretsManagerClient - client used to list the available secrets
 * @param inputSecretNames - requested names or patterns, as given by the caller
 * @returns the de-duplicated matches; rejects with whatever error listing or filtering raised
 */
getSecretNamesToFetch =
  (secretsManagerClient: SecretsManager, inputSecretNames: string[]): Promise<Array<string>> => {
    return new Promise<Array<string>>((resolve, reject) => {
      listSecrets(secretsManagerClient)
        .then(availableNames => {
          const matched: string[] = []
          for (const requested of inputSecretNames) {
            matched.push(...filterBy(availableNames, requested))
          }
          // A Set removes names matched by more than one input.
          const unique = new Set(matched)
          resolve([...unique])
        })
        .catch(err => reject(err))
    })
  }
Example #3
Source File: awsUtils.ts    From aws-secrets-manager-action with MIT License 6 votes vote down vote up
/**
 * Starts a fetch for every listed secret and hands each resulting value map to
 * `injectSecretValueMapToEnvironment`.
 *
 * The fetches are not awaited: this function returns before any of them has
 * settled. A failed fetch marks the action as failed via `core.setFailed`.
 *
 * The secret names (not the values) are written to the debug log.
 * NOTE(review): masking of the fetched values in logs is not visible in this
 * block; confirm that the injection helper registers them as secrets.
 *
 * @param secretsManagerClient - client used for each fetch
 * @param secretNamesToFetch - names of the secrets to fetch
 * @param shouldParseJSON - forwarded to `getSecretValueMap`
 */
fetchAndInject = (secretsManagerClient: SecretsManager,
  secretNamesToFetch: Array<string>, shouldParseJSON: boolean): void => {
  core.debug(`Will fetch ${secretNamesToFetch.length} secrets: ${secretNamesToFetch}`)

  // Fetch one secret and inject it; failures are reported per secret.
  const fetchOne = (secretName: string): void => {
    getSecretValueMap(secretsManagerClient, secretName, shouldParseJSON)
      .then(valueMap => {
        injectSecretValueMapToEnvironment(valueMap)
      })
      .catch(err => {
        core.setFailed(`Failed to fetch '${secretName}'. Error: ${err}.`)
      })
  }

  secretNamesToFetch.forEach((secretName) => {
    fetchOne(secretName)
  })
}
Example #4
Source File: index.test.ts    From aws-secrets-manager-action with MIT License 5 votes vote down vote up
// Client used by the tests, constructed with an empty configuration object
// (no region, credentials or endpoint are set at this call site).
secretsManagerClient = new SecretsManager({})
Example #5
Source File: awsUtils.ts    From aws-secrets-manager-action with MIT License 5 votes vote down vote up
/**
 * Builds a Secrets Manager client from the given configuration.
 *
 * The configuration object is forwarded to the SDK constructor as-is; nothing
 * is validated or defaulted here.
 *
 * @param config - options passed straight to `new SecretsManager(...)`
 * @returns the constructed client
 */
getSecretsManagerClient = (config: Record<string, any>): SecretsManager => {
  const client = new SecretsManager(config)
  return client
}
Example #6
Source File: awsUtils.ts    From aws-secrets-manager-action with MIT License 5 votes vote down vote up
/**
 * Requests the value of a single secret.
 *
 * The secret name (not its value) is written to the debug log before the call.
 *
 * @param secretsManagerClient - client used to issue the request
 * @param secretName - passed to the service as `SecretId`
 * @returns the promise produced by the SDK request
 */
getSecretValue = (secretsManagerClient: SecretsManager, secretName: string):
  Promise<PromiseResult<GetSecretValueResponse, AWSError>> => {
  core.debug(`Fetching '${secretName}'`)
  const request = secretsManagerClient.getSecretValue({ SecretId: secretName })
  return request.promise()
}
Example #7
Source File: awsUtils.ts    From aws-secrets-manager-action with MIT License 5 votes vote down vote up
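/**
 * Fetches one secret and returns it as a map of names to values.
 *
 * If `shouldParseJSON` is true and the value is a JSON object string, the
 * parsed object is wrapped under the secret name and flattened, e.g.
 * secretName = 'mySecret', value = '{ "foo": "bar" }' gives 'mySecret.foo' = 'bar'.
 * Otherwise the map holds the raw value string under the secret name.
 *
 * @param secretsManagerClient - client used to fetch the secret
 * @param secretName - name of the secret; also used as the key (or key prefix) in the result
 * @param shouldParseJSON - whether JSON object values are flattened into one entry per field
 * @returns a promise for the value map; it rejects with the unchanged error
 *   from the fetch or from parsing. The earlier per-code branches
 *   (DecryptionFailureException, InternalServiceErrorException,
 *   InvalidParameterException, InvalidRequestException,
 *   ResourceNotFoundException, AccessDeniedException) all rejected with the
 *   same error, so callers see no difference.
 */
getSecretValueMap = (secretsManagerClient: SecretsManager, secretName: string, shouldParseJSON = false) => {
  return new Promise((resolve, reject) => {
    getSecretValue(secretsManagerClient, secretName)
      .then(data => {
        let secretValue
        // Depending on whether the secret is a string or binary, one of these fields will be populated.
        if ('SecretString' in data) {
          secretValue = data['SecretString']
        } else {
          // NOTE(review): decoding with 'ascii' clears the high bit of every
          // byte, so a binary secret containing non-ASCII bytes will not
          // round-trip. Whether SecretBinary arrives as base64 text or as
          // already-decoded bytes is not visible here; confirm against the SDK.
          const buff = Buffer.from(data['SecretBinary'].toString(), 'base64')
          secretValue = buff.toString('ascii')
        }

        // Computed keys in an object literal always create an own property.
        // Assigning `obj[secretName] = ...` on a plain object would instead
        // set the prototype when the name is '__proto__', and the entry would
        // be lost.
        if (isJSONObjectString(secretValue) && shouldParseJSON) {
          resolve(flattenJSONObject({ [secretName]: JSON.parse(secretValue) }))
        } else {
          resolve({ [secretName]: secretValue })
        }
      })
      .catch(err => {
        // Reject unconditionally. Probing the error with `'code' in err` first
        // throws a TypeError for a non-object rejection value, and the outer
        // promise would then never settle.
        reject(err)
      })
  })
}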
Example #8
Source File: provider.lambda.ts    From cloudstructs with Apache License 2.0 5 votes vote down vote up
// Client pinned to the '2017-10-17' API version; no other options are set at
// this call site.
secretsmanager = new SecretsManager({ apiVersion: '2017-10-17' })