#secrets-manager #secret #client-secret #aws #cache #applications #web-apps

aws_secretsmanager_caching

The AWS Secrets Manager Rust caching client enables in-process caching of secrets for Rust applications

1 stable release

1.0.0 Jul 31, 2024

#1099 in Network programming


Used in aws_secretsmanager_agent

Apache-2.0

51KB
963 lines

AWS Secrets Manager Rust Caching Client

The AWS Secrets Manager Rust Caching Client enables in-process caching of secrets for Rust applications.

Getting Started

Required Prerequisites

To use this client you must have:

  • A Rust 2021 development environment. If you do not have one, go to Rust Getting Started on the Rust Programming Language website, then download and install Rust.
  • An Amazon Web Services (AWS) account to access secrets stored in AWS Secrets Manager.
    • To create an AWS account, go to Sign In or Create an AWS Account and then choose I am a new user. Follow the instructions to create an AWS account.
    • To create a secret in AWS Secrets Manager, go to Creating Secrets and follow the instructions on that page.

Get Started

The following code sample demonstrates how to get started:

  1. Instantiate the caching client.
  2. Request a secret.

cargo add tokio -F rt-multi-thread,net,macros
cargo add aws_secretsmanager_caching

use aws_secretsmanager_caching::SecretsManagerCachingClient;
use std::num::NonZeroUsize;
use std::time::Duration;

#[tokio::main]
async fn main() {
    // Cache up to 1000 secrets; each entry is valid for 300 seconds.
    let client = match SecretsManagerCachingClient::default(
        NonZeroUsize::new(1000).unwrap(),
        Duration::from_secs(300),
    )
    .await
    {
        Ok(c) => c,
        Err(_) => panic!("Handle this error"),
    };

    // secret_string is None for binary secrets, so unwrap() panics on those.
    let secret_string = match client.get_secret_value("MyTest", None, None).await {
        Ok(s) => s.secret_string.unwrap(),
        Err(_) => panic!("Handle this error"),
    };

    // Your code here
}

Cache Configuration

  • max_size: NonZeroUsize: The maximum number of cached secrets to maintain before evicting secrets that have not been accessed recently.
  • ttl: Duration: The duration a cached item is considered valid before requiring a refresh of the secret state.
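What these two parameters mean in practice, as an added example that is not the crate's own code: a simplified, std-only model of a cache bounded by max_size and ttl, showing that a rotated secret can still be served from cache until its entry expires. The names ModelCache, Entry and rotation_demo, the counter-based clock, and the exact expiry boundary are assumptions made for illustration.

```rust
use std::collections::HashMap;

// Simplified model (not the crate's code) of the two cache parameters:
// `max_size` bounds the entry count, `ttl` bounds how long a value is reused.
// Time is a caller-supplied counter in seconds so the behaviour is deterministic.
struct Entry { value: String, fetched_at: u64, last_used: u64 }

pub struct ModelCache { max_size: usize, ttl: u64, entries: HashMap<String, Entry> }

impl ModelCache {
    pub fn new(max_size: usize, ttl: u64) -> Self {
        assert!(max_size > 0); // the real client takes a NonZeroUsize
        Self { max_size, ttl, entries: HashMap::new() }
    }

    /// Returns (value, served_from_cache). `backend` stands in for the
    /// Secrets Manager call and is only invoked on a miss or an expired entry.
    pub fn get(&mut self, id: &str, now: u64, backend: impl Fn(&str) -> String) -> (String, bool) {
        if let Some(e) = self.entries.get_mut(id) {
            if now.saturating_sub(e.fetched_at) < self.ttl {
                e.last_used = now;
                return (e.value.clone(), true);
            }
        }
        let value = backend(id);
        if !self.entries.contains_key(id) && self.entries.len() >= self.max_size {
            // Evict the least recently used entry to stay within max_size.
            let lru = self.entries.iter().min_by_key(|(_, e)| e.last_used).map(|(k, _)| k.clone());
            if let Some(k) = lru { self.entries.remove(&k); }
        }
        self.entries.insert(id.to_string(), Entry { value: value.clone(), fetched_at: now, last_used: now });
        (value, false)
    }

    pub fn len(&self) -> usize { self.entries.len() }
}

/// Constructed scenario: the secret is rotated at t=100 with ttl=300.
/// Returns what the cache serves at t=0, t=200 and t=300.
pub fn rotation_demo() -> Vec<(String, bool)> {
    let mut cache = ModelCache::new(2, 300);
    let v1 = |_: &str| "v1".to_string();
    let v2 = |_: &str| "v2".to_string(); // backend state after rotation
    vec![cache.get("MyTest", 0, v1), cache.get("MyTest", 200, v2), cache.get("MyTest", 300, v2)]
}

fn main() {
    for (value, cached) in rotation_demo() { println!("{value} cached={cached}"); }
}
```

In this model the ttl is the upper bound on how long a process keeps using a pre-rotation value, so it should be chosen with the rotation schedule in mind.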

Instantiating Cache with a custom Config and a custom Client

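cargo add aws_sdk_secretsmanager aws_config

use aws_config::{BehaviorVersion, Region};
use aws_secretsmanager_caching::SecretsManagerCachingClient;
use std::num::NonZeroUsize;
use std::time::Duration;

#[tokio::main]
async fn main() {
    // Load the default AWS configuration, then pin the region.
    let config = aws_config::load_defaults(BehaviorVersion::latest())
        .await
        .into_builder()
        .region(Region::from_static("us-west-2"))
        .build();

    let asm_builder = aws_sdk_secretsmanager::config::Builder::from(&config);

    let client = match SecretsManagerCachingClient::from_builder(
        asm_builder,
        NonZeroUsize::new(1000).unwrap(),
        Duration::from_secs(300),
    )
    .await
    {
        Ok(c) => c,
        Err(_) => panic!("Handle this error"),
    };

    // secret_string is None for binary secrets, so unwrap() panics on those.
    let secret_string = match client.get_secret_value("MyTest", None, None).await {
        Ok(c) => c.secret_string.unwrap(),
        Err(_) => panic!("Handle this error"),
    };

    // Your code here
}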

Getting Help

Please use these community resources for getting help:

Dependencies

~14–21MB
~314K SLoC