Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AWS SecretsManager Connector #562

Open
cwgroppe opened this issue Feb 9, 2021 · 5 comments
Open

AWS SecretsManager Connector #562

cwgroppe opened this issue Feb 9, 2021 · 5 comments
Labels
new-connector

Comments

@cwgroppe
Copy link
Contributor

cwgroppe commented Feb 9, 2021

How would y'all feel about a AWS SecretsManager Connector? I'm pretty close to having the basic functionally finished for it (created, delete, update, list) and I'll add IT test for those as well.
@paualarco
Copy link
Member

Yeah, and why not! :)

Would it be a wrapper on top of the aws client?

In that case I would just ask that the connector follows the api design of the AWS family in monix-connect (dynamodb and s3), and what I mean by that is to expose the client as a cats effect Resource, which could either be created by passing the configurations by parameters, like done here for the S3 connector, and also support creating de client from config file.

Would be also good if we also expose overloaded methods that also not requires to create the java objects with builders and so on, like if you want to perform a DescribeSecretRequest, you could do it either like:

SecretManager.describeRequest("secretName"): Task[DescribeSecretResponse]

or like:

val secretRequest = DescribeSecretRequest.builder()
                .secretId(secretName)
                .build();
SecretManager.describeRequest(secretRequest): Task[DescribeSecretResponse]
```

@cwgroppe
Copy link
Contributor Author

cwgroppe commented Feb 9, 2021
edited
Loading

Its a wrapper on top of the aws client like s3, so much so that a lot of the code is mimicked between the two. Calling to get a secret looks like this:

val secMan = SecretsManager.create(staticCredProvider, Region.US_EAST_2, endpoint)
secMan.use{sm => sm.getSecretValue("test1")}.runSyncUnsafe(30.seconds)(runnerIO,permit)

or

val secUn = SecretsManager.createUnsafe(staticCredProvider, Region.US_EAST_2, endpoint)
secUn.listSecrets().toListL.runSyncUnsafe(30.seconds)(runnerIO,permit)

where runnerIO is my scheduler. But yeah there are some overloaded methods that I've had a weird time dealing with (just chose which one to use basically), so the describeRequest example sounds like a good idea to avoid that and I'll have those built ins.

@paualarco
Copy link
Member

that looks good! :)

@cwgroppe
Copy link
Contributor Author

So I have created, delete, update, and listSecrets. Is this enough functionality for an initial pull request or should I wait until I have all of it?

@paualarco
Copy link
Member

You can create a WIP pull request if u prefer it

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
new-connector
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cwgroppe @paualarco