
Releases: mariotoffia/ssm

Update to 2022-12-08 AWS go V2 SDK

08 Dec 10:32
v0.7.3

Updated to the latest AWS Go SDK.

Bugfix release

06 May 18:29

The incorrect usage of errors.As described in issue #16 is fixed, so errors in those situations no longer cause panics.

Updated aws go sdk v2 refs to 1.3.0

28 Mar 10:50

Simple upgrade of all references, most notably the AWS Go SDK v2, which is now in release.

Update for AWS GO SDK v2 RC1

05 Jan 09:11

This release is just a refactor to match the changes in the AWS Go SDK v2 RC1.

No logging of sensitive data

30 Oct 20:52

Removed all logging of values retrieved from, created in, or updated in the Parameter Store or Secrets Manager, since logging them is not advised in a runtime environment and this library is nearing an alpha release :)

Delete implemented

28 Oct 17:14

It is now possible to delete keys in both Parameter Store and Secrets Manager. Delete works exactly like marshal / un-marshal, including the possibility to exclude / include fields and to get a report on which fields were deleted and which were not.

Example that removes a set of pms keys:

	type Test struct {
		Name string `pms:"test, prefix=simple"`
		Sub  struct {
			Apa int    `pms:"ext"`
			Nu  string `pms:"myname"`
		}
		AsmSub struct {
			Apa2 int    `asm:"ext"`
			Nu2  string `asm:"myname"`
		}
	}

	var test2 Test
	fields, _ := s.DeleteWithOpts(&test2, NoFilter, OnlyPms)

	assert.Equal(t, 0, len(fields), "all fields deleted")

Cheers,
Mario

Support for local / global prefixes

21 Oct 07:37

It is now possible to render key names in a local mode (with service name) and global mode (without service name).

Samples

  • Local /dev/test-service/simple/password where prefix: "simple" (i.e. Local)
  • Global /dev/global/parser-prefix/password where prefix: "/global/parser-prefix" (i.e. Global)

The SSMSerializer can now accept a default prefix, which is applied to all fields except those that specify a prefix in their tag. For example:

type Test struct {
  HasLocalPrefix string `pms:"hasprefix, prefix=simple"`
  HasNoPrefix    string `pms:"hasnoprefix"`
}

var ctx Test
s := ssm.NewSsmSerializer("eap", "test-service").
  UsePrefix("/global/parser-prefix")

_, err := s.Unmarshal(&ctx)
if err != nil {
  panic(err)
}

// HasLocalPrefix is named: /eap/test-service/simple/hasprefix
// HasNoPrefix is named /eap/global/parser-prefix/hasnoprefix

Cheers
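
The naming rule from the samples above, as an added Go sketch (not the library's own code): it reads the `pms` tags by reflection and renders each full key name. The helpers `renderKey` and `KeyNames` are hypothetical, and the rule that a prefix starting with `/` is global is inferred from the samples on this page.

```go
package main

import (
	"fmt"
	"reflect"
	"strings"
)

type Test struct {
	HasLocalPrefix string `pms:"hasprefix, prefix=simple"`
	HasNoPrefix    string `pms:"hasnoprefix"`
}

// renderKey applies the naming rule inferred from the samples (an assumption):
// a prefix starting with "/" is global and drops the service segment.
func renderKey(env, service, prefix, name string) string {
	segs := []string{env}
	if !strings.HasPrefix(prefix, "/") {
		segs = append(segs, service)
	}
	for _, s := range append(strings.Split(prefix, "/"), name) {
		if s != "" {
			segs = append(segs, s)
		}
	}
	return "/" + strings.Join(segs, "/")
}

// KeyNames maps each pms-tagged field of v to its full name; a tag prefix wins over defaultPrefix.
func KeyNames(v any, env, service, defaultPrefix string) map[string]string {
	out := map[string]string{}
	t := reflect.TypeOf(v)
	for i := 0; i < t.NumField(); i++ {
		opts := strings.Split(t.Field(i).Tag.Get("pms"), ",")
		name, prefix := strings.TrimSpace(opts[0]), defaultPrefix
		for _, o := range opts[1:] {
			if o = strings.TrimSpace(o); strings.HasPrefix(o, "prefix=") {
				prefix = strings.TrimPrefix(o, "prefix=")
			}
		}
		if name != "" {
			out[t.Field(i).Name] = renderKey(env, service, prefix, name)
		}
	}
	return out
}

func main() {
	fmt.Println(KeyNames(Test{}, "eap", "test-service", "/global/parser-prefix"))
}
```

Global keys sit outside `/<env>/<service>/`, so an IAM policy scoped to the service path does not cover them and they need their own statement.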

Bugfix in module name

13 May 04:00
v0.4.0

Removed the .git postfix from the module name.

Secret Manager Templates

12 May 19:02

This release adds templates that simplify the creation of rotate-able secrets by just including a struct.

For example:

type MyServiceContext struct {
	DbCtx    support.SecretsManagerRDSPostgreSQLRotationSingleUser `asm:"dbctx, strkey=password"`
	Settings struct {
		BatchSize int    `json:"batchsize"`
		Signer    string `json:"signer,omitempty"`
	} `pms:"settings"`
}

The SecretsManagerRDSPostgreSQLRotationSingleUser looks like this:

// SecretsManagerBaseTemplate is the basis for all managed
// template that may be rotated
type SecretsManagerBaseTemplate struct {
	// Engine is required
	Engine ASMEngine `json:"engine"`
	// Host is required: instance host name/resolvable DNS name
	Host string `json:"host"`
	// Username is required: username
	Username string `json:"username"`
	// Password is required: password. If you provision the
	// secret through cloudformation template, this property
	// must be omitted but set the strkey=password in order
	// for cloud formation to auto generate a password upon
	// provisioning.
	Password string `json:"password,omitempty"`
	// DbName is optional, will default to None if missing
	DbName string `json:"dbname,omitempty"`
	// Port is optional, will default to 3306, 1521, 5432, 1433
	// depending on which database used.
	Port string `json:"port,omitempty"`
}

type SecretsManagerRDSPostgreSQLRotationSingleUser struct {
	SecretsManagerBaseTemplate
}

When this is reported, it may output something like the following, which can be used in ssm-cdk-generator to create a deployable CDK Construct (Cloud Formation):

{
  "type": "secrets-manager",
  "fqname": "/prod/test-service/dbctx",
  "keyid": "",
  "description": "",
  "tags": {},
  "details": {
    "strkey": "password"
  },
  "value": "{\"engine\":\"postgres\",\"host\":\"pgsql-17.toffia.se\",\"username\":\"gördis\",\"dbname\":\"mydb\"}",
  "valuetype": "SecureString"
},
{
  "type": "parameter-store",
  "fqname": "/prod/test-service/settings",
  "keyid": "",
  "description": "",
  "tags": {},
  "details": {
    "pattern": "",
    "tier": "Standard"
  },
  "value": "{\"batchsize\":77,\"signer\":\"mto\"}",
  "valuetype": "String"
}
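
A check a pipeline could run on such a report before it is committed or handed to a generator, as an added Go example (not part of the library or of ssm-cdk-generator): it flags secrets-manager entries whose `value` already contains the key named by `strkey`, which the template comment above says must be omitted. The function name and the array-wrapped sample report are assumptions; the second sample entry is constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Entry holds the report fields the check needs; JSON names follow the report above.
type Entry struct {
	Type    string            `json:"type"`
	FqName  string            `json:"fqname"`
	Details map[string]string `json:"details"`
	Value   string            `json:"value"`
}

// Constructed sample: entry 1 follows the release note, entry 2 is made up and embeds a password.
const sampleReport = `[
 {"type":"secrets-manager","fqname":"/prod/test-service/dbctx","details":{"strkey":"password"},
  "value":"{\"engine\":\"postgres\",\"host\":\"pgsql-17.toffia.se\",\"username\":\"gördis\",\"dbname\":\"mydb\"}"},
 {"type":"secrets-manager","fqname":"/prod/test-service/legacy","details":{"strkey":"password"},
  "value":"{\"engine\":\"postgres\",\"username\":\"svc\",\"password\":\"example-only\"}"}
]`

// FindEmbeddedSecrets (hypothetical helper) lists entries whose value holds the strkey field.
func FindEmbeddedSecrets(report string) ([]string, error) {
	var entries []Entry
	if err := json.Unmarshal([]byte(report), &entries); err != nil {
		return nil, fmt.Errorf("parse report: %w", err)
	}
	var bad []string
	for _, e := range entries {
		key := e.Details["strkey"]
		if e.Type != "secrets-manager" || key == "" {
			continue
		}
		var value map[string]json.RawMessage
		if err := json.Unmarshal([]byte(e.Value), &value); err != nil {
			return nil, fmt.Errorf("%s: value is not a JSON object: %w", e.FqName, err)
		}
		if _, found := value[key]; found {
			bad = append(bad, e.FqName)
		}
	}
	return bad, nil
}

func main() {
	fmt.Println(FindEmbeddedSecrets(sampleReport))
}
```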

Report shall always emit details

12 May 10:07

Fixes a bug where asm details did not get emitted when strkey was nil.