eolas/zk/Fetch_from_Secrets_Manager.md

---
categories:
  - DevOps
tags: [AWS, backend]
---

# Fetch from Secrets Manager

## TypeScript

```ts
const getSecret = async (): Promise<SomeCredentials> => {
  const secretsManager = new AWS.SecretsManager();
  const response = await secretsManager
    .getSecretValue({ SecretId: process.env.SECRET_ARN as string })
    .promise();
  const secretValues = JSON.parse(response.SecretString as string);

  if (secretValues) {
    return {
      accessToken: secretValues.POCKET_ACCESS_TOKEN,
      consumerKey: secretValues.POCKET_CONSUMER_KEY,
    };
  } else {
    throw new Error("Failed to return Pocket credentials");
  }
};

type SomeCredentials = {
  accessToken: string;
  consumerKey: string;
};
```

## Python

```py
import json
import boto3

def get_secret():
    python_env = os.environ.get("PYTHON_ENV", "local")
    """In production, source creds from SecretsManager"""
    if python_env == "production":
        secrets_manager = boto3.client("secretsmanager")
        response = secrets_manager.get_secret_value(SecretId=os.environ["SECRET_ARN"])
        secret_values = json.loads(response["SecretString"])
        return secret_values["GOOGLE_CREDS"]
```
aws: add example of getting value from Secrets Manager 2023-09-01 08:23:04 +01:00			`---`
			`categories:`
			`- DevOps`
			`tags: [AWS, backend]`
			`---`

			`# Fetch from Secrets Manager`

			`## TypeScript`

			```ts
			`const getSecret = async (): Promise<SomeCredentials> => {`
			`const secretsManager = new AWS.SecretsManager();`
			`const response = await secretsManager`
			`.getSecretValue({ SecretId: process.env.SECRET_ARN as string })`
			`.promise();`
			`const secretValues = JSON.parse(response.SecretString as string);`

			`if (secretValues) {`
			`return {`
			`accessToken: secretValues.POCKET_ACCESS_TOKEN,`
			`consumerKey: secretValues.POCKET_CONSUMER_KEY,`
			`};`
			`} else {`
			`throw new Error("Failed to return Pocket credentials");`
			`}`
			`};`

			`type SomeCredentials = {`
			`accessToken: string;`
			`consumerKey: string;`
			`};`
			```
chore: add more aws todos 2023-08-31 20:41:10 +01:00
aws: add example of getting value from Secrets Manager 2023-09-01 08:23:04 +01:00			`## Python`

aws: add example of querying secrets manager in python 2023-09-11 18:20:12 +01:00			```py
			`import json`
			`import boto3`

			`def get_secret():`
			`python_env = os.environ.get("PYTHON_ENV", "local")`
			`"""In production, source creds from SecretsManager"""`
			`if python_env == "production":`
			`secrets_manager = boto3.client("secretsmanager")`
			`response = secrets_manager.get_secret_value(SecretId=os.environ["SECRET_ARN"])`
			`secret_values = json.loads(response["SecretString"])`
			`return secret_values["GOOGLE_CREDS"]`
			```