Locksmith Module¶
Fetch credentials from AWS Secrets Manager.
- Usage:
>>> import boto3 >>> import alyeska.locksmith as ls >>> session = boto3.Session() # fetch creds from .aws/credentials >>> secret_name = "my-super-secret-secret" >>> secret = ls.get_secret(session, secret_name)
-
alyeska.locksmith.
get_secret
(session: boto3.session.Session, secret_name: str, region_name: str = 'us-east-1') → dict¶ Get secret from secretsmanager using an established session.
See boto3.amazonaws.com/v1/documentation/api/latest/guide/secrets-manager.html
Parameters: - session (boto3.Session) – [description]
- secret_name (str) – [description]
- region_name (str, optional) – [description]. Defaults to “us-east-1”.
Returns: Secret as dict
Return type: dict
-
alyeska.locksmith.
mfa_from_str
(json_str: str, *, include_expiration=False) → dict¶ Create credentials dict from credentials as a json string.
This function is a thin wrapper around json.loads
Parameters: - json_str (str) –
String containing a json object. e.g. ‘’’ {
- ”Credentials”: {
- “AccessKeyId”: “FAKEACCESSKEY”, “SecretAccessKey”: “Fake+Secret9Access-Key”, “SessionToken”: “f4k3-SE5510N_t0k3n”, “Expiration”: “2019-07-30T00:14:27Z”
}
- include_expiration (bool, optional) – Whether to include expiration in returned json. Defaults to False.
Returns: - with types as
- {
“aws_access_key_id”: str, “aws_secret_access_key”: str, “aws_session_token”: str, “expiration”: datetime,
}
Return type: dict
Example
>>> import dynatrace_locksmith as ls >>> creds = ls.mfa_from_str(json_str) >>> creds { "Credentials": { "AccessKeyId": "1234567890", "SecretAccessKey": "qwertyuiop", "SessionToken": "asdfghjklzxcvbnm", "Expiration": "2018-11-02T05:15:21Z" } }
>>> session = boto3.Session(**creds)
- json_str (str) –