@middy/secrets-manager 3.6.2 → 4.0.0-alpha.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +16 -13
- package/index.cjs +4 -9
- package/index.d.ts +6 -3
- package/index.js +4 -4
- package/package.json +6 -6
package/README.md
CHANGED
|
@@ -56,8 +56,8 @@ npm install --save @middy/secrets-manager
|
|
|
56
56
|
|
|
57
57
|
## Options
|
|
58
58
|
|
|
59
|
-
- `AwsClient` (object) (default `
|
|
60
|
-
- `awsClientOptions` (object) (default `undefined`): Options to pass to
|
|
59
|
+
- `AwsClient` (object) (default `SecretsManagerClient`): SecretsManagerClient class constructor (i.e. that has been instrumented with AWS XRay). Must be from `@aws-sdk/client-secrets-manager`.
|
|
60
|
+
- `awsClientOptions` (object) (default `undefined`): Options to pass to SecretsManagerClient class constructor.
|
|
61
61
|
- `awsClientAssumeRole` (string) (default `undefined`): Internal key where secrets are stored. See [@middy/sts](/packages/sts/README.md) on to set this.
|
|
62
62
|
- `awsClientCapture` (function) (default `undefined`): Enable XRay by passing `captureAWSClient` from `aws-xray-sdk` in.
|
|
63
63
|
- `fetchData` (object) (required): Mapping of internal key name to API request parameter `SecretId`.
|
|
@@ -67,6 +67,7 @@ npm install --save @middy/secrets-manager
|
|
|
67
67
|
- `setToContext` (boolean) (default `false`): Store secrets to `request.context`.
|
|
68
68
|
|
|
69
69
|
NOTES:
|
|
70
|
+
|
|
70
71
|
- Lambda is required to have IAM permission for `secretsmanager:GetSecretValue`
|
|
71
72
|
|
|
72
73
|
## Sample usage
|
|
@@ -79,21 +80,23 @@ const handler = middy((event, context) => {
|
|
|
79
80
|
return {}
|
|
80
81
|
})
|
|
81
82
|
|
|
82
|
-
handler.use(
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
83
|
+
handler.use(
|
|
84
|
+
secretsManager({
|
|
85
|
+
fetchData: {
|
|
86
|
+
apiToken: 'dev/api_token'
|
|
87
|
+
},
|
|
88
|
+
awsClientOptions: {
|
|
89
|
+
region: 'us-east-1'
|
|
90
|
+
},
|
|
91
|
+
setToContext: true
|
|
92
|
+
})
|
|
93
|
+
)
|
|
91
94
|
|
|
92
95
|
// Before running the function handler, the middleware will fetch from Secrets Manager
|
|
93
96
|
handler(event, context, (_, response) => {
|
|
94
97
|
// assuming the dev/api_token has two keys, 'Username' and 'Password'
|
|
95
|
-
t.is(context.apiToken.Username,'username')
|
|
96
|
-
t.is(context.apiToken.Password,'password')
|
|
98
|
+
t.is(context.apiToken.Username, 'username')
|
|
99
|
+
t.is(context.apiToken.Password, 'password')
|
|
97
100
|
})
|
|
98
101
|
```
|
|
99
102
|
|
package/index.cjs
CHANGED
|
@@ -7,14 +7,9 @@ Object.defineProperty(module, "exports", {
|
|
|
7
7
|
get: ()=>_default
|
|
8
8
|
});
|
|
9
9
|
const _util = require("@middy/util");
|
|
10
|
-
const
|
|
11
|
-
function _interopRequireDefault(obj) {
|
|
12
|
-
return obj && obj.__esModule ? obj : {
|
|
13
|
-
default: obj
|
|
14
|
-
};
|
|
15
|
-
}
|
|
10
|
+
const _clientSecretsManager = require("@aws-sdk/client-secrets-manager");
|
|
16
11
|
const defaults = {
|
|
17
|
-
AwsClient:
|
|
12
|
+
AwsClient: _clientSecretsManager.SecretsManagerClient,
|
|
18
13
|
awsClientOptions: {},
|
|
19
14
|
awsClientAssumeRole: undefined,
|
|
20
15
|
awsClientCapture: undefined,
|
|
@@ -33,9 +28,9 @@ const secretsManagerMiddleware = (opts = {})=>{
|
|
|
33
28
|
const values = {};
|
|
34
29
|
for (const internalKey of Object.keys(options.fetchData)){
|
|
35
30
|
if (cachedValues[internalKey]) continue;
|
|
36
|
-
values[internalKey] = client.
|
|
31
|
+
values[internalKey] = client.send(new _clientSecretsManager.GetSecretValueCommand({
|
|
37
32
|
SecretId: options.fetchData[internalKey]
|
|
38
|
-
})
|
|
33
|
+
})).then((resp)=>(0, _util.jsonSafeParse)(resp.SecretString)).catch((e)=>{
|
|
39
34
|
const value = (0, _util.getCache)(options.cacheKey).value ?? {};
|
|
40
35
|
value[internalKey] = undefined;
|
|
41
36
|
(0, _util.modifyCache)(options.cacheKey, value);
|
package/index.d.ts
CHANGED
|
@@ -1,10 +1,13 @@
|
|
|
1
1
|
import middy from '@middy/core'
|
|
2
2
|
import { Options as MiddyOptions } from '@middy/util'
|
|
3
3
|
import { Context as LambdaContext } from 'aws-lambda'
|
|
4
|
-
import
|
|
4
|
+
import { SecretsManagerClient, SecretsManagerClientConfig } from '@aws-sdk/client-secrets-manager'
|
|
5
5
|
|
|
6
|
-
interface Options<
|
|
7
|
-
extends MiddyOptions<
|
|
6
|
+
interface Options<AwsSecretsManagerClient = SecretsManagerClient>
|
|
7
|
+
extends MiddyOptions<
|
|
8
|
+
AwsSecretsManagerClient,
|
|
9
|
+
SecretsManagerClientConfig
|
|
10
|
+
> {}
|
|
8
11
|
|
|
9
12
|
export type Context<TOptions extends Options | undefined> = TOptions extends {
|
|
10
13
|
setToContext: true
|
package/index.js
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { canPrefetch, createPrefetchClient, createClient, getCache, getInternal, processCache, modifyCache, jsonSafeParse } from '@middy/util';
|
|
2
|
-
import
|
|
2
|
+
import { SecretsManagerClient, GetSecretValueCommand } from '@aws-sdk/client-secrets-manager';
|
|
3
3
|
const defaults = {
|
|
4
|
-
AwsClient:
|
|
4
|
+
AwsClient: SecretsManagerClient,
|
|
5
5
|
awsClientOptions: {},
|
|
6
6
|
awsClientAssumeRole: undefined,
|
|
7
7
|
awsClientCapture: undefined,
|
|
@@ -20,9 +20,9 @@ const secretsManagerMiddleware = (opts = {})=>{
|
|
|
20
20
|
const values = {};
|
|
21
21
|
for (const internalKey of Object.keys(options.fetchData)){
|
|
22
22
|
if (cachedValues[internalKey]) continue;
|
|
23
|
-
values[internalKey] = client.
|
|
23
|
+
values[internalKey] = client.send(new GetSecretValueCommand({
|
|
24
24
|
SecretId: options.fetchData[internalKey]
|
|
25
|
-
})
|
|
25
|
+
})).then((resp)=>jsonSafeParse(resp.SecretString)).catch((e)=>{
|
|
26
26
|
const value = getCache(options.cacheKey).value ?? {};
|
|
27
27
|
value[internalKey] = undefined;
|
|
28
28
|
modifyCache(options.cacheKey, value);
|
package/package.json
CHANGED
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@middy/secrets-manager",
|
|
3
|
-
"version": "
|
|
3
|
+
"version": "4.0.0-alpha.1",
|
|
4
4
|
"description": "Secrets Manager middleware for the middy framework",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"engines": {
|
|
7
|
-
"node": ">=
|
|
7
|
+
"node": ">=16"
|
|
8
8
|
},
|
|
9
9
|
"engineStrict": true,
|
|
10
10
|
"publishConfig": {
|
|
@@ -60,13 +60,13 @@
|
|
|
60
60
|
},
|
|
61
61
|
"homepage": "https://middy.js.org",
|
|
62
62
|
"dependencies": {
|
|
63
|
-
"@middy/util": "
|
|
63
|
+
"@middy/util": "4.0.0-alpha.1"
|
|
64
64
|
},
|
|
65
65
|
"devDependencies": {
|
|
66
|
-
"@
|
|
66
|
+
"@aws-sdk/client-secrets-manager": "^3.186.0",
|
|
67
|
+
"@middy/core": "4.0.0-alpha.1",
|
|
67
68
|
"@types/aws-lambda": "^8.10.101",
|
|
68
|
-
"aws-sdk": "^2.939.0",
|
|
69
69
|
"aws-xray-sdk": "^3.3.3"
|
|
70
70
|
},
|
|
71
|
-
"gitHead": "
|
|
71
|
+
"gitHead": "b531f61dac3a5268728a21fc4b2b32054b170f88"
|
|
72
72
|
}
|