Toggle Light / Dark / Auto color theme

Toggle table of contents sidebar

parameter_store

AWS Parameter Store support.

class pysecret.aws.parameter_store.ParameterTypeEnum(value)

An enumeration.

class pysecret.aws.parameter_store.ParameterTierEnum(value)

An enumeration.

class pysecret.aws.parameter_store.ParameterDataTypeEnum(value)

An enumeration.

pysecret.aws.parameter_store.get_parameter_tags(ssm_client, name: str) → Dict[str, str]

Get parameter tags.

Ref:

• list_tags_for_resource: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ssm.html#SSM.Client.list_tags_for_resource

Returns

return empty dict if parameter doesn’t have tags. otherwise, return tags in format of key value dict.

pysecret.aws.parameter_store.remove_parameter_tags(ssm_client, name: str, tag_keys: List[str])

Delete parameter tags.

Ref:

• remove_tags_from_resource: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ssm.html#SSM.Client.remove_tags_from_resource

pysecret.aws.parameter_store.update_parameter_tags(ssm_client, name: str, tags: Dict[str, str])

Create or update (partial update) tags.

Ref:

• add_tags_to_resource: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ssm.html#SSM.Client.add_tags_to_resource

pysecret.aws.parameter_store.put_parameter_tags(ssm_client, name: str, tags: Optional[Dict[str, str]] = None)

Full replacement update tags.

• if None, then do nothing

• if empty dict, then delete tags

• if non-empty dict, then do full replacement update

class pysecret.aws.parameter_store.Parameter(Name: str, Value: str, Type: Optional[str] = None, Version: Optional[int] = None, LastModifiedDate: Optional[datetime.datetime] = None, DataType: Optional[str] = None, ARN: Optional[str] = None, Selector: Optional[str] = None, SourceResult: Optional[str] = None, Tags: Dict[str, str] = <factory>, Labels: List[str] = <factory>)

AWS System Manager Parameter object.

• The camel case attributes are raw value from AWS API.

• The snake case attributes are user-friendly accessor to the data.

• if you know what data type to expect in the parameter, please use

  Parameter.string(), Parameter.string_list(), Parameter.json_dict(), Parameter.json_list(), Parameter.py_object() to access the data.

classmethod load(ssm_client, name: str, version: Optional[int] = None, label: Optional[str] = None, with_decryption: Optional[bool] = None, with_tags: bool = False) → Optional[pysecret.aws.parameter_store.Parameter]

Load parameter data.

Parameters

• name – the raw parameter name, don’t set version and label here

• version – the integer version

• label – the string label

• with_decryption – is this parameter a secure string?

• with_tags – also get resource tags?

Ref:

• get_parameter: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ssm.html#SSM.Client.get_parameter

property string: str

The string user data.

property string_list: List[str]

The python string list user data.

property json_dict: dict

The python dict user data.

property json_list: list

The python list user data.

put_label(ssm_client, labels: List[str]) → dict

Put label to parameter version, this will automatically move label from other version if the label already exists.

Ref:

• label_parameter_version: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ssm.html#SSM.Client.label_parameter_version

delete_label(ssm_client, labels: List[str]) → dict

Delete labels from parameter version.

Ref:

• unlabel_parameter_version: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ssm.html#SSM.Client.unlabel_parameter_version

pysecret.aws.parameter_store.deploy_parameter(ssm_client, name: str, data: Union[str, list, dict, Any], description: Optional[str] = None, type_is_string: bool = False, type_is_string_list: bool = False, type_is_secure_string: bool = False, kms_key_id: Optional[str] = None, use_default_kms_key: Optional[bool] = False, tier_is_standard: bool = False, tier_is_advanced: bool = False, tier_is_intelligent: bool = False, policies: Optional[str] = None, tags: Optional[Dict[str, str]] = None, overwrite: bool = False, skip_if_duplicated: bool = True) → Optional[pysecret.aws.parameter_store.Parameter]

Create or Update a parameter.

Ref:

• put_parameter: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ssm.html#SSM.Client.put_parameter

Note:

• you cannot change tags when overwriting parameter, you have to call

  add_tags_to_resource API after overwriting.

Parameters

• ssm_client – boto3 system manager client

• name – the parameter name

• data – the parameter data, could be one of the following: - a string - a list of string - a list of object - a dict object - arbitrary jsonpicklible python object

• description – description of the parameter

• type_is_string – is it String type?

• type_is_string_list – is it StringList type?

• type_is_secure_string – is it SecureString type?

• kms_key_id – user defined KMS key id for encryption

• use_default_kms_key – if true, then you can omit the kms_key_id field, and it will use the default alias/aws/ssm kms key to encrypt your data, and the type become Se

• tier_is_standard – is this standard tier?

• tier_is_advanced – is this advanced tier?

• tier_is_intelligent – is this intelligent tier?

• policies – access policy

• tags – if None, then don’t update tags. if empty dict, then delete tags, if non-empty dict, then do full replacement update.

• overwrite – if False, then raise error when overwriting an existing parameter

• skip_if_duplicated – if True, then won’t do deployment if parameter data is the same as the one in the latest version.

Returns

None or an Parameter object, None means that the deployment doesn’t happen.

pysecret.aws.parameter_store.delete_parameter(ssm_client, name: str) → bool

Delete a Parameter.

Ref:

• delete_parameter: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ssm.html#SSM.Client.delete_parameter

Returns

a boolean value to indicate whether a deletion happened.