Class SecretsManagerUtils

java.lang.Object
com.kingsrook.qqq.backend.core.instances.SecretsManagerUtils
public class SecretsManagerUtils extends Object
Utility class for working with AWS Secrets Manager. Relies on environment variables: SECRETS_MANAGER_ACCESS_KEY SECRETS_MANAGER_SECRET_KEY SECRETS_MANAGER_REGION

  • Constructor Details

    • SecretsManagerUtils

      public SecretsManagerUtils()

  • Method Details

    • writeEnvFromSecretsWithNamePrefix

      public static void writeEnvFromSecretsWithNamePrefix(String prefix) throws IOException
      IF secret manager ENV vars are set, THEN lookup all secrets starting with the given prefix, and write them to a .env file (backing up any pre-existing .env files first).
      Throws:
      IOException

    • writeEnvFromSecretsWithNamePrefix

      public static void writeEnvFromSecretsWithNamePrefix(String prefix, boolean quoteValues) throws IOException
      IF secret manager ENV vars are set, THEN lookup all secrets starting with the given prefix, and write them to a .env file (backing up any pre-existing .env files first).
      Throws:
      IOException

    • getSecret

      public static Optional<String> getSecret(String path, String name)
      Get a single secret value. The lookup in secrets manager is done by (path + name). Then, in the value that comes back, if it looks like JSON, we look for a value inside it under the key of just "name". Else, if we didn't get JSON back, then we just return the full text value of the secret.

    • writeSecret

      public static void writeSecret(String path, String name, String value)
      Tries to do a Create - if that fails, then does a Put (update). Path is expected to end in a /, but I suppose it isn't strictly required.