Releases: mariotoffia/ssm
Update to 2022-12-08 AWS go V2 SDK
v0.7.3 updated to latest aws go sdk
Bugfix release
Incorrect usage of errors.As (described in issue #16) is fixed, so there are no panics when errors occur in those situations.
Updated aws go sdk v2 refs to 1.3.0
Simple upgrade of all references, most notably the AWS SDK for Go v2, which is now in release.
Update for AWS GO SDK v2 RC1
This release is just a refactor to match changes for the AWS GO SDK v2 RC1
No logging of sensitive data
Removed all logging of values retrieved from, created in, or updated in the Parameter Store or Secrets Manager, since logging them is not advised in a runtime environment and this library is nearing an alpha release :)
Delete implemented
It is now possible to delete keys in both Parameter Store and Secrets Manager. It works exactly like marshal / unmarshal, including the possibility to exclude / include fields and to get a report on which keys got deleted and which were not.
Example to remove a set of pms keys
type Test struct {
    Name string `pms:"test, prefix=simple"`
    Sub  struct {
        Apa int    `pms:"ext"`
        Nu  string `pms:"myname"`
    }
    AsmSub struct {
        Apa2 int    `asm:"ext"`
        Nu2  string `asm:"myname"`
    }
}

// s is a serializer created with ssm.NewSsmSerializer(...)
var test2 Test
fields, _ := s.DeleteWithOpts(&test2, NoFilter, OnlyPms)
assert.Equal(t, 0, len(fields), "all fields deleted")
Cheers,
Mario
Support for local / global prefixes
It is now possible to render key names in a local mode (with service name) and global mode (without service name).
Samples
- Local /dev/test-service/simple/password where prefix: "simple" (i.e. Local)
- Global /dev/global/parser-prefix/password where prefix: "/global/parser-prefix" (i.e. Global)
The SSMSerializer can now accept a default prefix, which applies to all fields except those that carry a prefix in their tag. For example:
type Test struct {
    HasLocalPrefix string `pms:"hasprefix, prefix=simple"`
    HasNoPrefix    string `pms:"hasnoprefix"`
}

var ctx Test
s := ssm.NewSsmSerializer("eap", "test-service").
    UsePrefix("/global/parser-prefix")
_, err := s.Unmarshal(&ctx)
if err != nil {
    panic(err)
}
// HasLocalPrefix is named: /eap/test-service/simple/hasprefix
// HasNoPrefix is named /eap/global/parser-prefix/hasnoprefix
Cheers
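The local/global naming rule above, written out as an added example (not the library's own code): a prefix that starts with "/" drops the service name, so those keys fall outside /env/service/ and an access policy scoped to the service's own path will not cover them. The function names are hypothetical, and the no-prefix case (/env/service/name) is an assumption.

```go
package main

import (
    "fmt"
    "strings"
)

// keyName renders a key name from the environment, service, serializer-wide
// default prefix, the field tag's prefix ("" when absent) and the field name.
func keyName(env, service, defPrefix, tagPrefix, name string) string {
    prefix := tagPrefix
    if prefix == "" {
        prefix = defPrefix // the default applies only when the tag has none
    }
    if strings.HasPrefix(prefix, "/") {
        // Global mode: the service name is left out of the path.
        return "/" + env + "/" + strings.Trim(prefix, "/") + "/" + name
    }
    // Local mode: the key lives below /env/service. Assumption: with no
    // prefix at all the key is /env/service/name.
    parts := []string{env, service}
    if prefix != "" {
        parts = append(parts, strings.Trim(prefix, "/"))
    }
    return "/" + strings.Join(append(parts, name), "/")
}

// inServiceSubtree reports whether key sits below /env/service/, the subtree
// that an access policy scoped to the service's own path would cover.
func inServiceSubtree(env, service, key string) bool {
    return strings.HasPrefix(key, "/"+env+"/"+service+"/")
}

func main() {
    // Constructed inputs mirroring the Test struct in the release note.
    const env, svc, def = "eap", "test-service", "/global/parser-prefix"
    fields := [][2]string{{"simple", "hasprefix"}, {"", "hasnoprefix"}}
    for _, f := range fields {
        k := keyName(env, svc, def, f[0], f[1])
        fmt.Printf("%-40s in service subtree: %v\n", k, inServiceSubtree(env, svc, k))
    }
}
```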
Bugfix in module name
v0.4.0 removed the .git postfix on module name
Secret Manager Templates
This release adds templates for simplifying creation of rotate-able secrets by just including a struct.
For example
type MyServiceContext struct {
    DbCtx    support.SecretsManagerRDSPostgreSQLRotationSingleUser `asm:"dbctx, strkey=password"`
    Settings struct {
        BatchSize int    `json:"batchsize"`
        Signer    string `json:"signer,omitempty"`
    } `pms:"settings"`
}
The SecretsManagerRDSPostgreSQLRotationSingleUser looks like this:
// SecretsManagerBaseTemplate is the basis for all managed
// template that may be rotated
type SecretsManagerBaseTemplate struct {
    // Engine is required
    Engine ASMEngine `json:"engine"`
    // Host is required: instance host name/resolvable DNS name
    Host string `json:"host"`
    // Username is required: username
    Username string `json:"username"`
    // Password is required: password. If you provision the
    // secret through cloudformation template, this property
    // must be omitted but set the strkey=password in order
    // for cloud formation to auto generate a password upon
    // provisioning.
    Password string `json:"password,omitempty"`
    // DbName is optional, will default to None if missing
    DbName string `json:"dbname,omitempty"`
    // Port is optional, will default to 3306, 1521, 5432, 1433
    // depending on which database used.
    Port string `json:"port,omitempty"`
}

type SecretsManagerRDSPostgreSQLRotationSingleUser struct {
    SecretsManagerBaseTemplate
}
If this is reported, the output may look something like this (which can be used in ssm-cdk-generator to create a deployable CDK Construct, i.e. CloudFormation):
{
    "type": "secrets-manager",
    "fqname": "/prod/test-service/dbctx",
    "keyid": "",
    "description": "",
    "tags": {},
    "details": {
        "strkey": "password"
    },
    "value": "{\"engine\":\"postgres\",\"host\":\"pgsql-17.toffia.se\",\"username\":\"gördis\",\"dbname\":\"mydb\"}",
    "valuetype": "SecureString"
},
{
    "type": "parameter-store",
    "fqname": "/prod/test-service/settings",
    "keyid": "",
    "description": "",
    "tags": {},
    "details": {
        "pattern": "",
        "tier": "Standard"
    },
    "value": "{\"batchsize\":77,\"signer\":\"mto\"}",
    "valuetype": "String"
}
Report shall always emit details
Fixes a bug where asm details did not get emitted when strkey was nil.