AwsSecret

Bases: DuploResourceV3

AWS Secrets Manager Secrets resource.

This resource allows you to create, find, update, and delete AWS Secrets Manager secrets.

Usage

duploctl aws_secret <cmd> [options]

Manages AWS Secrets Manager in the background.

Commands

`apply`

Apply a AwsSecret

Create or Update a AwsSecret resource with Duplocloud cli.

CLI Usage

duploctl awssecret apply -f 'awssecret.yaml'

Contents of the awssecret.yaml file

Name: duploctl
SecretString: '{"foo": "bar"}'

Returns:

Name	Type	Description
`message`	`dict`	Success message.

Parameters:

--file, -f, --cli-input

A file to read the input from

FileType('r') action: YamlAction

--patches, --add, --remove, --copy, --replace, --test, --move

The json patch to apply

str action: JsonPatchAction

`create`

Create an AWS Secrets Manager Secret

Using DuploCloud's native support for AWS Secrets Manager, you can create a new secret. This method acts and feels like how the Kubernetes secrets work within this cli. Supports the secrets value as a string or a key/value JSON object where each value is a string. If you give a JSON object with any key that is not a string, the entire value will be simply a string with a JSON value. The examples below mostly include the --dry-run so you can see the output. Simply remove that to actually create the secret.

cli usage

duploctl aws_secret create <name> <args>

Create a secret from a datamap

duploctl aws_secret create mysecret --from-literal foo=bar --from-file some-config.json

Create a secret with a value

duploctl aws_secret create mysecret --value foobarbaz

Merge a body with new keys

Notice the the --file flag is set to - which means it will read a body file from stdin. Since a name is given, the name in the body file will be replaced with the name given in the command.

cat awssecret.yaml | duploctl aws_secret create mysecret --file - --from-file some-config.json --from-literal icecream=vanilla --dry-run

Here is what the file body within awssecret.yaml looks like

Name: duploctl
SecretString: '{"foo": "bar"}'

And then the some-config.json file looks like this

{
  "foo": {
    "bar": "baz",
    "qux": 42
  }
}

Returns:

Name	Type	Description
`message`	`dict`	Either a success message is returned or if --dry-run is passed then the body is what is returned.

Raises:

Type	Description
`DuploError`	If the AWS secret already exists.

Parameters:

name positional

The resource name

str

--file, -f, --cli-input

A file to read the input from

FileType('r') action: YamlAction

--fromfile, --from-file, --from-literal

A file or literal value to add to the data map

str action: DataMapAction

--parametervalue, -pval, -val, --value

Arbitrary text to add as the content of some secret or configuration paramater.

str

--dryrun, --dry-run

Do not submit any changes to the server, just print the data to the console.

bool

`delete`

Delete an AWS Secrets Manager secret.

Deletes an AWS Secrets Manager secret by name.

cli

duploctl aws_secret delete <name>

Returns:

Name	Type	Description
`message`	`dict`	A success message.

Parameters:

name positional

The resource name

str

`find`

Find an AWS Secrets Manager secret by name and return its content

cli usage

duploctl aws_secret find <name>

Returns:

Name	Type	Description
`resource`	`dict`	The AWS secret object.

Raises:

Type	Description
`DuploError`	If the AWS secret could not be found.

Parameters:

name positional

The resource name

str

--showsensitive, -show

Return sensitive values to output. WARNING - ENABLING THIS SETTING MAY DISPLAY SENSITIVE DATA TO STDOUT/LOG FILES

bool

`list`

Retrieve a List of AwsSecret resources

cli usage

duploctl awssecret list

Returns:

Name	Type	Description
`list`	`list`	A list of AwsSecret.

`update`

Update an AWS Secrets Manager secret.

Follows all the same arguments and style of the create method. This requires the secret to already exist.

cli usage

duploctl aws_secret update <name> <args>

Returns:

Name	Type	Description
`message`	`dict`	Either a success message is returned or if --dry-run is passed then the body is what is returned.

Raises:

Type	Description
`DuploError`	If the AWS secret could not be found or doesn't exist.

Parameters:

name positional

The resource name

str

--file, -f, --cli-input

A file to read the input from

FileType('r') action: YamlAction

--fromfile, --from-file, --from-literal

A file or literal value to add to the data map

str action: DataMapAction

--parametervalue, -pval, -val, --value

Arbitrary text to add as the content of some secret or configuration paramater.

str

--dryrun, --dry-run

Do not submit any changes to the server, just print the data to the console.

bool

Methods

`name_from_body`

`prefixed_name`

Override to handle slash-separated secret paths.