dlt.common.configuration.providers.aws_secrets
AwsSecretsManagerProvider Objects
class AwsSecretsManagerProvider(VaultDocProvider)
__init__
def __init__(credentials: AwsCredentials,
only_secrets: bool = True,
only_toml_fragments: bool = True,
list_secrets: bool = False,
secret_name_prefix: str = "dlt/") -> None
Initialize an AWS Secrets Manager Provider to access secrets stored in AWS Secrets Manager
Arguments:
credentials- AWS credentials to access Secrets Manageronly_secrets- When True, only keys with secret hint types will be looked uponly_toml_fragments- When True, only load known TOML fragments and ignore other lookupslist_secrets- When True, list all secrets upfront to optimize vault access by avoiding lookups for non-existent secrets. Requires additional API calls and the secretsmanager:ListSecrets permission.secret_name_prefix- Prepended verbatim to all secret names and used to filter secret listing so dlt secrets are namespaced in a vault shared with other services. Defaults todlt/, set to an empty string to look up unprefixed secret names.
get_key_name
@staticmethod
def get_key_name(key: str, *sections: str) -> str
Makes key name for the secret by joining normalized components with /
AWS secret names may contain letters, numerals and /_+=.@- characters. Punctuation
other than - and _ is removed from name components so the separator cannot appear
inside them.