chhibber · July 3, 2018 03:18
diff --git a/getawssecrets.py b/getawssecrets.py
 import boto3
 from botocore.exceptions import ClientError
 from sceptre.resolvers import Resolver
 import json


 def get_secret(secret_name, secret_key, region):

    endpoint_url = "https://secretsmanager." + region + ".amazonaws.com"
    region_name = region

    session = boto3.session.Session()
    client = session.client(
        service_name='secretsmanager',
        region_name=region_name,
        endpoint_url=endpoint_url
    )

    try:
        get_secret_value_response = client.get_secret_value(
            SecretId=secret_name
        )
    except ClientError as e:
        if e.response['Error']['Code'] == 'ResourceNotFoundException':
            print("The requested secret " + secret_name + " was not found")
        elif e.response['Error']['Code'] == 'InvalidRequestException':
            print("The request was invalid due to:", e)
        elif e.response['Error']['Code'] == 'InvalidParameterException':
            print("The request had invalid params:", e)
    else:
        # Decrypted secret using the associated KMS CMK
        # Depending on whether the secret was a string or binary, one of these fields will be populated
        if 'SecretString' in get_secret_value_response:

            if secret_key == "none":
                secret = get_secret_value_response['SecretString']
                return secret
            
            secret_data = json.loads(get_secret_value_response['SecretString'])
            secret = secret_data[secret_key]
            return secret

        else:
            binary_secret_data = get_secret_value_response['SecretBinary']


 class GetAwsSecret(Resolver):

    def __init__(self, *args, **kwargs):
        super(GetAwsSecret, self).__init__(*args, **kwargs)

    def resolve(self):

        secret_name, secret_key, region = self.argument.split()
        secret = get_secret(secret_name, secret_key, region)

        return secret


 # For testing
 if __name__ == "__main__":

    import sys

    print("The arguments are: ", str(sys.argv))
    if len(sys.argv) == 4:
        secret = get_secret(sys.argv[1], sys.argv[2], sys.argv[3])

        print("Secret {}".format(secret))
	import boto3
	from botocore.exceptions import ClientError
	from sceptre.resolvers import Resolver
	import json


	def get_secret(secret_name, secret_key, region):

	endpoint_url = "https://secretsmanager." + region + ".amazonaws.com"
	region_name = region

	session = boto3.session.Session()
	client = session.client(
	service_name='secretsmanager',
	region_name=region_name,
	endpoint_url=endpoint_url
	)

	try:
	get_secret_value_response = client.get_secret_value(
	SecretId=secret_name
	)
	except ClientError as e:
	if e.response['Error']['Code'] == 'ResourceNotFoundException':
	print("The requested secret " + secret_name + " was not found")
	elif e.response['Error']['Code'] == 'InvalidRequestException':
	print("The request was invalid due to:", e)
	elif e.response['Error']['Code'] == 'InvalidParameterException':
	print("The request had invalid params:", e)
	else:
	# Decrypted secret using the associated KMS CMK
	# Depending on whether the secret was a string or binary, one of these fields will be populated
	if 'SecretString' in get_secret_value_response:

	if secret_key == "none":
	secret = get_secret_value_response['SecretString']
	return secret

	secret_data = json.loads(get_secret_value_response['SecretString'])
	secret = secret_data[secret_key]
	return secret

	else:
	binary_secret_data = get_secret_value_response['SecretBinary']


	class GetAwsSecret(Resolver):

	def __init__(self, args, *kwargs):
	super(GetAwsSecret, self).__init__(args, *kwargs)

	def resolve(self):

	secret_name, secret_key, region = self.argument.split()
	secret = get_secret(secret_name, secret_key, region)

	return secret


	# For testing
	if __name__ == "__main__":

	import sys

	print("The arguments are: ", str(sys.argv))
	if len(sys.argv) == 4:
	secret = get_secret(sys.argv[1], sys.argv[2], sys.argv[3])

	print("Secret {}".format(secret))