Created
October 24, 2022 07:18
-
-
Save ilovelili/28c59b297b916604529f3cdb60959828 to your computer and use it in GitHub Desktop.
load aws secrets manager
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Use this code snippet in your app. | |
| // If you need more information about configurations or implementing the sample code, visit the AWS docs: | |
| // https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/setting-up.html | |
| import ( | |
| "github.com/aws/aws-sdk-go/service/secretsmanager" | |
| "github.com/aws/aws-sdk-go/aws" | |
| "github.com/aws/aws-sdk-go/aws/awserr" | |
| "github.com/aws/aws-sdk-go/aws/session" | |
| "encoding/base64" | |
| "fmt" | |
| ) | |
| func getSecret() { | |
| secretName := "woodstock-api-stg" | |
| region := "ap-northeast-1" | |
| //Create a Secrets Manager client | |
| sess, err := session.NewSession() | |
| if err != nil { | |
| // Handle session creation error | |
| fmt.Println(err.Error()) | |
| return | |
| } | |
| svc := secretsmanager.New(sess, | |
| aws.NewConfig().WithRegion(region)) | |
| input := &secretsmanager.GetSecretValueInput{ | |
| SecretId: aws.String(secretName), | |
| VersionStage: aws.String("AWSCURRENT"), // VersionStage defaults to AWSCURRENT if unspecified | |
| } | |
| // In this sample we only handle the specific exceptions for the 'GetSecretValue' API. | |
| // See https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_GetSecretValue.html | |
| result, err := svc.GetSecretValue(input) | |
| if err != nil { | |
| if aerr, ok := err.(awserr.Error); ok { | |
| switch aerr.Code() { | |
| case secretsmanager.ErrCodeDecryptionFailure: | |
| // Secrets Manager can't decrypt the protected secret text using the provided KMS key. | |
| fmt.Println(secretsmanager.ErrCodeDecryptionFailure, aerr.Error()) | |
| case secretsmanager.ErrCodeInternalServiceError: | |
| // An error occurred on the server side. | |
| fmt.Println(secretsmanager.ErrCodeInternalServiceError, aerr.Error()) | |
| case secretsmanager.ErrCodeInvalidParameterException: | |
| // You provided an invalid value for a parameter. | |
| fmt.Println(secretsmanager.ErrCodeInvalidParameterException, aerr.Error()) | |
| case secretsmanager.ErrCodeInvalidRequestException: | |
| // You provided a parameter value that is not valid for the current state of the resource. | |
| fmt.Println(secretsmanager.ErrCodeInvalidRequestException, aerr.Error()) | |
| case secretsmanager.ErrCodeResourceNotFoundException: | |
| // We can't find the resource that you asked for. | |
| fmt.Println(secretsmanager.ErrCodeResourceNotFoundException, aerr.Error()) | |
| } | |
| } else { | |
| // Print the error, cast err to awserr.Error to get the Code and | |
| // Message from an error. | |
| fmt.Println(err.Error()) | |
| } | |
| return | |
| } | |
| // Decrypts secret using the associated KMS key. | |
| // Depending on whether the secret is a string or binary, one of these fields will be populated. | |
| var secretString, decodedBinarySecret string | |
| if result.SecretString != nil { | |
| secretString = *result.SecretString | |
| } else { | |
| decodedBinarySecretBytes := make([]byte, base64.StdEncoding.DecodedLen(len(result.SecretBinary))) | |
| len, err := base64.StdEncoding.Decode(decodedBinarySecretBytes, result.SecretBinary) | |
| if err != nil { | |
| fmt.Println("Base64 Decode Error:", err) | |
| return | |
| } | |
| decodedBinarySecret = string(decodedBinarySecretBytes[:len]) | |
| } | |
| // Your code goes here. | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment