Skip to content

Added a more detailed API usage documentation #6

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
huogerac wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Added a more detailed API usage documentation #6

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
80 changes: 63 additions & 17 deletions README.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ It also makes it easy for you to:

#. Not repeat the boto3 boilerplate code;
#. Define default values;
#. Use os.environ as fall back;
#. Use os.environ when necessary;


Why
Expand All @@ -21,7 +21,17 @@ Why
- Single place to save all secrets (AWS Secrets Manager)
- Keep sensitive information away from code and environments
- Simpler API to access AWS Secrets Manager (rather than boto3)
- Extention of [Python Decouple](https://github.com/henriquebastos/python-decouple)

Sequence
------------

```
---> ENV ---> AWS ---> DEFAULT_VALUE
/
secret = config('MY_SECRET', 'my-default-value')

```

Installation
------------
Expand All @@ -30,38 +40,74 @@ Installation
pip install python-decouple-aws


Usage example 1
Usage
---------------

## Example 1

::

# settings.py
from decouple_aws import get_config

# The package provides a wrapper function that will
# fallback to environment variables and fail gracefully
# if AWS Secrets Manager is not accessible for whatever
# reason.
# Get the dict from AWS and make it avaible on config
config = get_config('your-project/secret/name', 'ap-southeast-2')

# Use decouple config like normal
MY_EMAIL_USER = config('MY_EMAIL_USER', 'default-user')
MY_EMAIL_PASS = config('MY_EMAIL_PASS')


Usage example 2
---------------
## Example 2

You want to run locally or on CI server with NO AWS CREDENTIALS,
fallback to environment variables and fail gracefully
if AWS Secrets Manager is not accessible for whatever reason.

::

$ export MY_EMAIL_PASS="MY-LOCAL-PASSWORD"

# settings.py
from decouple_aws import get_config

config = get_config('your-project/secret/name', 'ap-southeast-2')

# Use decouple config like normal
MY_EMAIL_USER = config('MY_EMAIL_USER', 'default-user')
MY_EMAIL_PASS = config('MY_EMAIL_PASS')


## Example 3

You want to handle errors your self whatever reason.

::

# settings.py
from decouple import Config
from decouple_aws import RepositoryAwsSecretManager
# settings.py
from decouple_aws import get_config
from botocore.exceptions import NoCredentialsError

# if you would like it to fail if secrets
# manager is inaccessible, you can build it manually.
# initialise the config with the AWS repository
# Pass the repo your secret name and the region
repo = RepositoryAwsSecretManager('your-project/secret/name', 'ap-southeast-2')
config = Config(repo)
config = get_config('your-project/secret/name', 'ap-southeast-2', fail=True)

# Use decouple config like normal
MY_SUPER_SECRET_SETTING = config('MY_SUPER_SECRET_SETTING')
\
It will raise NoCredentialsError
when credentials is not found

## Example 4

whatever fail=True or failt=False, it will fail when the secret is invalid

::

# settings.py
from decouple_aws import get_config
from decouple import UndefinedValueError

config = get_config('your-project/secret/name', 'ap-southeast-2')
MY_SECRET = config('MY_SECRET_NOT_SET')
\
It will raise UndefinedValueError
when credentials is okay but not secret registed