PyPI - aws-util - Versions diffs - 0.1.0__tar.gz - Mend

aws-util 0.1.0__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

aws_util-0.1.0/PKG-INFO +10 -0
aws_util-0.1.0/pyproject.toml +23 -0
aws_util-0.1.0/setup.cfg +4 -0
aws_util-0.1.0/src/__init__.py +1 -0
aws_util-0.1.0/src/aws_util.egg-info/PKG-INFO +10 -0
aws_util-0.1.0/src/aws_util.egg-info/SOURCES.txt +10 -0
aws_util-0.1.0/src/aws_util.egg-info/dependency_links.txt +1 -0
aws_util-0.1.0/src/aws_util.egg-info/requires.txt +1 -0
aws_util-0.1.0/src/aws_util.egg-info/top_level.txt +4 -0
aws_util-0.1.0/src/parameter_store.py +18 -0
aws_util-0.1.0/src/placeholder.py +86 -0
aws_util-0.1.0/src/secrets_manager.py +56 -0

aws_util-0.1.0/PKG-INFO ADDED Viewed

@@ -0,0 +1,10 @@
+Metadata-Version: 2.4
+Name: aws-util
+Version: 0.1.0
+Summary: A utility library for AWS services
+Author-email: Masrik Dahir <info@masrikdahir.com>
+Classifier: Programming Language :: Python :: 3
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Requires-Python: >=3.6
+Requires-Dist: boto3

aws_util-0.1.0/pyproject.toml ADDED Viewed

@@ -0,0 +1,23 @@
+[build-system]
+requires = ["setuptools>=61.0", "wheel"]
+build-backend = "setuptools.build_meta"
+[project]
+name = "aws-util"
+authors = [ { name = "Masrik Dahir", email = "info@masrikdahir.com" }]
+version = "0.1.0"
+description = "A utility library for AWS services"
+requires-python = ">=3.6"
+dependencies = [
+    "boto3"
+]
+# If you have an email, uncomment the next line:
+# email = "your_email@example.com"  # Make sure no classification here.
+# Define classifiers here, completely separate:
+classifiers = [
+    "Programming Language :: Python :: 3",
+    "License :: OSI Approved :: MIT License",
+    "Operating System :: OS Independent"
+]

aws_util-0.1.0/setup.cfg ADDED Viewed

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build =
+tag_date = 0

aws_util-0.1.0/src/__init__.py ADDED Viewed

	@@ -0,0 +1 @@
1	+ from .placeholder import retrieve

aws_util-0.1.0/src/aws_util.egg-info/PKG-INFO ADDED Viewed

@@ -0,0 +1,10 @@
+Metadata-Version: 2.4
+Name: aws-util
+Version: 0.1.0
+Summary: A utility library for AWS services
+Author-email: Masrik Dahir <info@masrikdahir.com>
+Classifier: Programming Language :: Python :: 3
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Operating System :: OS Independent
+Requires-Python: >=3.6
+Requires-Dist: boto3

aws_util-0.1.0/src/aws_util.egg-info/SOURCES.txt ADDED Viewed

@@ -0,0 +1,10 @@
+pyproject.toml
+src/__init__.py
+src/parameter_store.py
+src/placeholder.py
+src/secrets_manager.py
+src/aws_util.egg-info/PKG-INFO
+src/aws_util.egg-info/SOURCES.txt
+src/aws_util.egg-info/dependency_links.txt
+src/aws_util.egg-info/requires.txt
+src/aws_util.egg-info/top_level.txt

aws_util-0.1.0/src/aws_util.egg-info/dependency_links.txt ADDED Viewed

	@@ -0,0 +1 @@
1	+

aws_util-0.1.0/src/aws_util.egg-info/requires.txt ADDED Viewed

	@@ -0,0 +1 @@
1	+ boto3

aws_util-0.1.0/src/aws_util.egg-info/top_level.txt ADDED Viewed

@@ -0,0 +1,4 @@
+__init__
+parameter_store
+placeholder
+secrets_manager

aws_util-0.1.0/src/parameter_store.py ADDED Viewed

@@ -0,0 +1,18 @@
+from __future__ import annotations
+import boto3
+from botocore.exceptions import ClientError
+ssm_client = boto3.client("ssm")
+def get_parameter(name: str, with_decryption: bool = True) -> str:
+    """
+    Single SSM call, no caching here.
+    Caching will be handled in src.placeholder via lru_cache.
+    """
+    try:
+        resp = ssm_client.get_parameter(Name=name, WithDecryption=with_decryption)
+        return resp["Parameter"]["Value"]
+    except ClientError as e:
+        raise RuntimeError(f"Error resolving SSM parameter {name!r}: {e}") from e

aws_util-0.1.0/src/placeholder.py ADDED Viewed

@@ -0,0 +1,86 @@
+from __future__ import annotations
+import re
+from functools import lru_cache
+from typing import Any
+from src.parameter_store import get_parameter
+from src.secrets_manager import get_secret
+# Matches ${ssm:/myapp/db/username}
+SSM_PATTERN = re.compile(r"\$\{ssm:([^}]+)\}")
+# Matches ${secret:myapp/db-credentials:password}
+# or ${secret:myapp/db-credentials}
+# or ${secret:${ssm:secret_name}:password} AFTER SSM phase
+SECRET_PATTERN = re.compile(r"\$\{secret:([^}]+)\}")
+@lru_cache(maxsize=256)
+def _resolve_ssm(name: str) -> str:
+    """
+    Cached wrapper around parameter_store.get_parameter.
+    """
+    return get_parameter(name, with_decryption=True)
+@lru_cache(maxsize=256)
+def _resolve_secret(inner: str) -> str:
+    """
+    Cached wrapper around secret_manager.get_secret.
+    """
+    return get_secret(inner)
+# -------- cache clear helpers (NO return type changes) --------
+def clear_ssm_cache() -> None:
+    """Clear cached SSM resolutions in this warm Lambda container."""
+    _resolve_ssm.cache_clear()
+def clear_secret_cache() -> None:
+    """Clear cached Secret resolutions in this warm Lambda container."""
+    _resolve_secret.cache_clear()
+def clear_all_caches() -> None:
+    """Clear both SSM and Secret caches."""
+    _resolve_ssm.cache_clear()
+    _resolve_secret.cache_clear()
+# -------------------------------------------------------------
+def retrieve(value: Any) -> Any:
+    """
+    Replace placeholders in the given string:
+      ${ssm:/myapp/db/username}
+      ${secret:myapp/db-credentials:password}
+    Order is:
+      1) Resolve ALL ${ssm:...}
+      2) Then resolve ALL ${secret:...}
+    This allows nested patterns like:
+      ${secret:${ssm:secret_name}:password}
+    Non-string values are returned as-is.
+    """
+    if not isinstance(value, str):
+        return value
+    # ---------- 1) SSM phase ----------
+    def ssm_replacer(match: re.Match) -> str:
+        name = match.group(1)
+        return _resolve_ssm(name)
+    value = SSM_PATTERN.sub(ssm_replacer, value)
+    # ---------- 2) Secrets Manager phase ----------
+    def secret_replacer(match: re.Match) -> str:
+        inner = match.group(1)
+        return _resolve_secret(inner)
+    value = SECRET_PATTERN.sub(secret_replacer, value)
+    return value

aws_util-0.1.0/src/secrets_manager.py ADDED Viewed

@@ -0,0 +1,56 @@
+from __future__ import annotations
+import json
+import boto3
+from botocore.exceptions import ClientError
+# Reuse client (good for Lambda cold starts)
+secrets_client = boto3.client("secretsmanager")
+def get_secret(inner: str) -> str:
+    """
+    Single Secrets Manager call, no caching here.
+    Caching will be handled in src.placeholder via lru_cache.
+    `inner` can be:
+      - "myapp/db-credentials"
+      - "myapp/db-credentials:password"
+      - "arn:aws:secretsmanager:...:secret:myapp/db-credentials:password"
+    We split on the *last* ':' so ARNs still work.
+    """
+    json_key = None
+    if ":" in inner:
+        secret_id, json_key = inner.rsplit(":", 1)
+    else:
+        secret_id = inner
+    try:
+        resp = secrets_client.get_secret_value(SecretId=secret_id)
+    except ClientError as e:
+        raise RuntimeError(f"Error resolving secret {secret_id!r}: {e}") from e
+    if "SecretString" in resp:
+        secret_str = resp["SecretString"]
+    else:
+        secret_str = resp["SecretBinary"].decode("utf-8")
+    # If a JSON key was specified, treat secret as JSON and extract that field
+    if json_key:
+        try:
+            data = json.loads(secret_str)
+        except json.JSONDecodeError as e:
+            raise RuntimeError(
+                f"Secret {secret_id!r} is not valid JSON so key {json_key!r} cannot be used"
+            ) from e
+        if json_key not in data:
+            raise KeyError(f"Key {json_key!r} not found in secret {secret_id!r}")
+        return str(data[json_key])
+    # No key → return the whole secret string
+    return secret_str