def test_get_secret(monkeypatch, mock_name, mock_value):
"""
Test get_secret()
"""
class TestProvider(BaseProvider):
def _get(self, name: str, **kwargs) -> str:
assert name == mock_name
return mock_value
def _get_multiple(self, path: str, **kwargs) -> Dict[str, str]:
raise NotImplementedError()
monkeypatch.setitem(parameters.base.DEFAULT_PROVIDERS, "secrets", TestProvider())
value = parameters.get_secret(mock_name)
assert value == mock_value
def get_webhook_urls():
"""Retrieves the Slack Webhook URLs that are stored in Secrets Manager.
Uses the AWS Secrets Manager caching library to cache locally
so each invocation doesn't need to perform a GetSecretValue call.
"""
logger.info('Getting Slack webhook URL(s) from AWS Secrets Manager')
try:
# If not already in cache, keep urls in cache for 4 hours before re-calling
secret_urls = parameters.get_secret(WEBHOOK_SECRET_NAME, max_age=14400)
slack_urls = json.loads(secret_urls)
except parameters.exceptions.GetParameterError as error:
logger.error(f'Problem getting the Slack Webhook URLs: {error}')
raise
except json.JSONDecodeError as error:
logger.error(f'Problem decoding JSON: {error}')
raise
else:
return slack_urls['urls']
def test_get_secret_new(monkeypatch, mock_name, mock_value):
"""
Test get_secret() without a default provider
"""
class TestProvider(BaseProvider):
def _get(self, name: str, **kwargs) -> str:
assert name == mock_name
return mock_value
def _get_multiple(self, path: str, **kwargs) -> Dict[str, str]:
raise NotImplementedError()
monkeypatch.setattr(parameters.secrets, "DEFAULT_PROVIDERS", {})
monkeypatch.setattr(parameters.secrets, "SecretsProvider", TestProvider)
value = parameters.get_secret(mock_name)
assert value == mock_value
from botocore.exceptions import ClientError
from aws_lambda_powertools.utilities import parameters
from challenge import Challenge
from states.manager import StateManager
from states.face import FaceState
from jwt_token import Token
region_name = os.getenv('REGION_NAME')
bucket_name = os.getenv('BUCKET_NAME')
dynamo_table = os.getenv('DDB_TABLE')
token_secret_arn = os.getenv('TOKEN_SECRET_ARN')
token_secret = parameters.get_secret(token_secret_arn)
s3 = boto3.client('s3', region_name=region_name)
rek = boto3.client('rekognition', region_name=region_name)
ddb = boto3.resource('dynamodb', region_name=region_name)
table = ddb.Table(dynamo_table)
START_PATTERN = re.compile('/challenge/start')
PUT_FRAME_PATTERN = re.compile('\\/challenge\\/[A-Za-z0-9-]*\\/frames')
VERIFY_PATTERN = re.compile('\\/challenge\\/[A-Za-z0-9-]*\\/verify')
def lambda_handler(event, _):
method = event['httpMethod']
path = event['path']
body = json.loads(event['body'])
import os
import logging
import json
from crhelper import CfnResource
from aws_lambda_powertools.utilities import parameters
from aws_lambda_powertools import Logger, Tracer
from datadog import Monitor
logger = Logger()
tracer = Tracer()
secrets = json.loads(parameters.get_secret(os.environ['SECRETS']))
helper = CfnResource(json_logging=False,
log_level='DEBUG',
boto_level='CRITICAL')
DD_monitor = Monitor(secrets["DD_CLIENT_API_KEY"],
secrets["DD_CLIENT_APP_KEY"])
@tracer.capture_lambda_handler
@logger.inject_lambda_context
def handler(event, context):
helper(event, context)
@helper.create
def create(event, context):
logger.info("Resource Created")
ResourceProperties = event['ResourceProperties']
monitor_id = DD_monitor.create_monitor(
def set_stripe_api_key():
if not stripe.api_key:
secrets = json.loads(
parameters.get_secret(os.environ["STRIPE_SECRET_ARN"]))
stripe.api_key = secrets["SecretKey"]