parameter_store¶
AWS Parameter Store support.
- pysecret.aws.parameter_store.get_parameter_tags(ssm_client, name: str) Dict[str, str] [source]¶
Get parameter tags.
Ref:
list_tags_for_resource: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ssm.html#SSM.Client.list_tags_for_resource
- Returns
return empty dict if parameter doesn’t have tags. otherwise, return tags in format of key value dict.
- pysecret.aws.parameter_store.remove_parameter_tags(ssm_client, name: str, tag_keys: List[str])[source]¶
Delete parameter tags.
Ref:
- pysecret.aws.parameter_store.update_parameter_tags(ssm_client, name: str, tags: Dict[str, str])[source]¶
Create or update (partial update) tags.
Ref:
- pysecret.aws.parameter_store.put_parameter_tags(ssm_client, name: str, tags: Optional[Dict[str, str]] = None)[source]¶
Full replacement update tags.
if None, then do nothing
if empty dict, then delete tags
if non-empty dict, then do full replacement update
- class pysecret.aws.parameter_store.Parameter(Name: str, Value: str, Type: Optional[str] = None, Version: Optional[int] = None, LastModifiedDate: Optional[datetime.datetime] = None, DataType: Optional[str] = None, ARN: Optional[str] = None, Selector: Optional[str] = None, SourceResult: Optional[str] = None, Tags: Dict[str, str] = <factory>, Labels: List[str] = <factory>)[source]¶
AWS System Manager Parameter object.
The camel case attributes are raw value from AWS API.
The snake case attributes are user-friendly accessor to the data.
- if you know what data type to expect in the parameter, please use
Parameter.string()
,Parameter.string_list()
,Parameter.json_dict()
,Parameter.json_list()
,Parameter.py_object()
to access the data.
- classmethod load(ssm_client, name: str, version: Optional[int] = None, label: Optional[str] = None, with_decryption: Optional[bool] = None, with_tags: bool = False) Optional[pysecret.aws.parameter_store.Parameter] [source]¶
Load parameter data.
- Parameters
name – the raw parameter name, don’t set version and label here
version – the integer version
label – the string label
with_decryption – is this parameter a secure string?
with_tags – also get resource tags?
Ref:
- put_label(ssm_client, labels: List[str]) dict [source]¶
Put label to parameter version, this will automatically move label from other version if the label already exists.
Ref:
- pysecret.aws.parameter_store.deploy_parameter(ssm_client, name: str, data: Union[str, list, dict, Any], description: Optional[str] = None, type_is_string: bool = False, type_is_string_list: bool = False, type_is_secure_string: bool = False, kms_key_id: Optional[str] = None, use_default_kms_key: Optional[bool] = False, tier_is_standard: bool = False, tier_is_advanced: bool = False, tier_is_intelligent: bool = False, policies: Optional[str] = None, tags: Optional[Dict[str, str]] = None, overwrite: bool = False, skip_if_duplicated: bool = True) Optional[pysecret.aws.parameter_store.Parameter] [source]¶
Create or Update a parameter.
Ref:
put_parameter: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ssm.html#SSM.Client.put_parameter
Note:
- you cannot change tags when overwriting parameter, you have to call
add_tags_to_resource
API after overwriting.
- Parameters
ssm_client – boto3 system manager client
name – the parameter name
data – the parameter data, could be one of the following: - a string - a list of string - a list of object - a dict object - arbitrary jsonpicklible python object
description – description of the parameter
type_is_string – is it String type?
type_is_string_list – is it StringList type?
type_is_secure_string – is it SecureString type?
kms_key_id – user defined KMS key id for encryption
use_default_kms_key – if true, then you can omit the
kms_key_id
field, and it will use the defaultalias/aws/ssm
kms key to encrypt your data, and the type become Setier_is_standard – is this standard tier?
tier_is_advanced – is this advanced tier?
tier_is_intelligent – is this intelligent tier?
policies – access policy
tags – if None, then don’t update tags. if empty dict, then delete tags, if non-empty dict, then do full replacement update.
overwrite – if False, then raise error when overwriting an existing parameter
skip_if_duplicated – if True, then won’t do deployment if parameter data is the same as the one in the latest version.
- Returns
None or an
Parameter
object, None means that the deployment doesn’t happen.
- pysecret.aws.parameter_store.delete_parameter(ssm_client, name: str) bool [source]¶
Delete a Parameter.
Ref:
delete_parameter: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ssm.html#SSM.Client.delete_parameter
- Returns
a boolean value to indicate whether a deletion happened.