39 lines
968 B
Go
39 lines
968 B
Go
package smartconfig
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
|
|
"github.com/aws/aws-sdk-go-v2/config"
|
|
"github.com/aws/aws-sdk-go-v2/service/secretsmanager"
|
|
)
|
|
|
|
// AWSSecretManagerResolver retrieves secrets from AWS Secrets Manager.
|
|
// Usage: ${AWSSM:secret-name}
|
|
type AWSSecretManagerResolver struct{}
|
|
|
|
// Resolve retrieves the secret value from AWS Secrets Manager.
|
|
func (r *AWSSecretManagerResolver) Resolve(value string) (string, error) {
|
|
ctx := context.Background()
|
|
cfg, err := config.LoadDefaultConfig(ctx)
|
|
if err != nil {
|
|
return "", fmt.Errorf("failed to load AWS config: %w", err)
|
|
}
|
|
|
|
svc := secretsmanager.NewFromConfig(cfg)
|
|
input := &secretsmanager.GetSecretValueInput{
|
|
SecretId: &value,
|
|
}
|
|
|
|
result, err := svc.GetSecretValue(ctx, input)
|
|
if err != nil {
|
|
return "", fmt.Errorf("failed to get secret %s: %w", value, err)
|
|
}
|
|
|
|
if result.SecretString != nil {
|
|
return *result.SecretString, nil
|
|
}
|
|
|
|
return "", fmt.Errorf("secret %s has no string value", value)
|
|
}
|