def test_get_secret(monkeypatch, mock_name, mock_value):
    """
    get_secret() returns the value served by the provider registered under
    the "secrets" key of DEFAULT_PROVIDERS.
    """

    class _StubProvider(BaseProvider):
        """Provider double that serves mock_value, and only for mock_name."""

        def _get(self, name: str, **kwargs) -> str:
            # Fail the test if get_secret() asks for any other name.
            assert name == mock_name
            return mock_value

        def _get_multiple(self, path: str, **kwargs) -> Dict[str, str]:
            # Not expected to be reached by a single-secret lookup.
            raise NotImplementedError()

    # monkeypatch restores the original mapping entry at teardown, so the
    # stub does not leak into other tests.
    stub = _StubProvider()
    monkeypatch.setitem(parameters.base.DEFAULT_PROVIDERS, "secrets", stub)

    assert parameters.get_secret(mock_name) == mock_value
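def get_webhook_urls():
    """Return the Slack webhook URLs stored in AWS Secrets Manager.

    The secret named by WEBHOOK_SECRET_NAME is read through
    ``parameters.get_secret`` with ``max_age=14400`` (4 hours), so a cached
    copy is reused within that window instead of performing a GetSecretValue
    call on every invocation. The secret is expected to decode to a JSON
    object with a ``urls`` entry.

    A Slack webhook URL works as a credential: whoever holds it can post to
    the channel. Callers should not log or echo the returned values.

    Returns:
        The value stored under ``urls`` in the decoded secret.

    Raises:
        parameters.exceptions.GetParameterError: the secret could not be
            fetched.
        json.JSONDecodeError: the secret is not valid JSON.
        KeyError, TypeError: the decoded JSON has no ``urls`` entry.
    """
    logger.info('Getting Slack webhook URL(s) from AWS Secrets Manager')
    try:
        # If not already in cache, keep urls in cache for 4 hours before
        # re-calling. A rotated secret may therefore be served stale for up
        # to max_age.
        secret_urls = parameters.get_secret(WEBHOOK_SECRET_NAME, max_age=14400)
        slack_urls = json.loads(secret_urls)
    except parameters.exceptions.GetParameterError as error:
        logger.error(f'Problem getting the Slack Webhook URLs: {error}')
        raise
    except json.JSONDecodeError as error:
        # str(JSONDecodeError) carries the message and position only, not
        # the document, so the secret body does not reach the log here.
        logger.error(f'Problem decoding JSON: {error}')
        raise
    else:
        try:
            return slack_urls['urls']
        except (KeyError, TypeError) as error:
            # Log only the exception type, never the decoded secret, and
            # re-raise so callers see the same exception as before.
            logger.error(
                'Slack webhook secret has no usable "urls" entry: '
                f'{type(error).__name__}'
            )
            raise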
def test_get_secret_new(monkeypatch, mock_name, mock_value):
    """
    get_secret() with no default provider registered: DEFAULT_PROVIDERS is
    emptied and SecretsProvider is swapped for a stub class.
    """

    class _StubProvider(BaseProvider):
        """Provider double that serves mock_value, and only for mock_name."""

        def _get(self, name: str, **kwargs) -> str:
            # Fail the test if get_secret() asks for any other name.
            assert name == mock_name
            return mock_value

        def _get_multiple(self, path: str, **kwargs) -> Dict[str, str]:
            # Not expected to be reached by a single-secret lookup.
            raise NotImplementedError()

    secrets_module = parameters.secrets
    # Start from an empty provider registry and replace the provider class
    # itself (not an instance); both patches are undone at teardown.
    monkeypatch.setattr(secrets_module, "DEFAULT_PROVIDERS", {})
    monkeypatch.setattr(secrets_module, "SecretsProvider", _StubProvider)

    assert parameters.get_secret(mock_name) == mock_value
from botocore.exceptions import ClientError
from aws_lambda_powertools.utilities import parameters

from challenge import Challenge
from states.manager import StateManager
from states.face import FaceState
from jwt_token import Token

# Deployment configuration read from the environment. os.getenv returns None
# for a variable that is not set, so a missing value is not caught here.
region_name = os.getenv('REGION_NAME')
bucket_name = os.getenv('BUCKET_NAME')
dynamo_table = os.getenv('DDB_TABLE')
token_secret_arn = os.getenv('TOKEN_SECRET_ARN')

# The secret is fetched once, when the module is imported, and kept in a
# module-level global for as long as the module stays loaded.
# NOTE(review): a rotated secret would presumably not be picked up until the
# module is re-imported - confirm this matches the rotation plan.
# NOTE(review): if TOKEN_SECRET_ARN is unset, None is passed to get_secret -
# confirm that fails loudly rather than yielding an unusable secret.
token_secret = parameters.get_secret(token_secret_arn)

# AWS clients and the DynamoDB table handle, created once at import.
s3 = boto3.client('s3', region_name=region_name)
rek = boto3.client('rekognition', region_name=region_name)
ddb = boto3.resource('dynamodb', region_name=region_name)
table = ddb.Table(dynamo_table)

# Route patterns. None of them carries a ^ or $ anchor, and [A-Za-z0-9-]*
# also accepts an empty challenge id.
# NOTE(review): whether the missing anchors matter depends on how the
# handler applies them (match / search / fullmatch), which is not visible
# in this excerpt - confirm that paths with extra leading or trailing
# segments are rejected.
START_PATTERN = re.compile('/challenge/start')
PUT_FRAME_PATTERN = re.compile('\\/challenge\\/[A-Za-z0-9-]*\\/frames')
VERIFY_PATTERN = re.compile('\\/challenge\\/[A-Za-z0-9-]*\\/verify')


def lambda_handler(event, _):
    # Reads the HTTP method, path and JSON body from the incoming event.
    method = event['httpMethod']
    path = event['path']
    # json.loads raises TypeError when event['body'] is None and
    # JSONDecodeError when it is not valid JSON; neither is caught in the
    # lines visible here.
    body = json.loads(event['body'])
import os
import logging
import json

from crhelper import CfnResource
from aws_lambda_powertools.utilities import parameters
from aws_lambda_powertools import Logger, Tracer

from datadog import Monitor

logger = Logger()
tracer = Tracer()

# The SECRETS environment variable names the secret to read. It is fetched
# and parsed as JSON once, at import, and the decoded dict stays in this
# module-level global. os.environ[...] raises KeyError if SECRETS is unset.
secrets = json.loads(parameters.get_secret(os.environ['SECRETS']))

# NOTE(review): log_level='DEBUG' - confirm what crhelper writes at this
# level. If the incoming event is logged, nothing sensitive should travel in
# ResourceProperties, and the log group's access and retention should be
# reviewed.
helper = CfnResource(json_logging=False, log_level='DEBUG', boto_level='CRITICAL')

# Both keys come from the decoded secret; a missing key raises KeyError at
# import.
DD_monitor = Monitor(secrets["DD_CLIENT_API_KEY"], secrets["DD_CLIENT_APP_KEY"])


@tracer.capture_lambda_handler
@logger.inject_lambda_context
def handler(event, context):
    # Hands the event to the crhelper resource object; its result is not
    # returned.
    helper(event, context)


@helper.create
def create(event, context):
    # Registered with the helper as its create callback (excerpt ends
    # mid-call below).
    logger.info("Resource Created")
    ResourceProperties = event['ResourceProperties']
    monitor_id = DD_monitor.create_monitor(
def set_stripe_api_key():
    """Populate ``stripe.api_key`` from Secrets Manager when it is not set.

    The secret named by the STRIPE_SECRET_ARN environment variable is
    fetched, decoded as JSON, and its ``SecretKey`` entry is assigned to the
    module-level ``stripe.api_key``. Nothing happens if a key is already
    present.

    NOTE(review): because of that guard, a rotated key is not re-read while
    ``stripe.api_key`` stays truthy in this process - confirm that matches
    the rotation plan.

    Raises:
        KeyError: STRIPE_SECRET_ARN is unset, or the secret has no
            ``SecretKey`` entry.
    """
    # Already configured: keep the existing key and skip the fetch.
    if stripe.api_key:
        return

    secret_arn = os.environ["STRIPE_SECRET_ARN"]
    payload = json.loads(parameters.get_secret(secret_arn))
    stripe.api_key = payload["SecretKey"]