tb_pulumi.secrets

Infrastructural patterns related to AWS Secrets Manager.

class tb_pulumi.secrets.PulumiSecretsManager(name: str, project: ThunderbirdPulumiProject, secret_names: list[str] = [], opts: ResourceOptions = None, **kwargs)

Bases: ThunderbirdComponentResource

Builds a set of AWS SecretsManager Secrets based on specific secrets in Pulumi’s config.

Parameters:

  • name (str) – A string identifying this set of resources.

  • project (ThunderbirdPulumiProject) – The ThunderbirdPulumiProject to add these resources to.

  • secret_names (list[str], optional) – A list of secrets as they are known to Pulumi. To get a list of valid values, run pulumi config. For more info on Pulumi secrets, see Working with Secrets.

  • opts – Additional pulumi.ResourceOptions to apply to these resources.

  • kwargs – Any other keyword arguments which will be passed as inputs to the aws.secretsmanager.Secret resource.

class tb_pulumi.secrets.SecretsManagerSecret(name: str, project: ThunderbirdPulumiProject, secret_name: str, secret_value: Any, opts: ResourceOptions = None, **kwargs)

Bases: ThunderbirdComponentResource

Stores a value as a Secrets Manager secret.

Parameters:

  • name (Any) – A string identifying this set of resources.

  • project (ThunderbirdPulumiProject) – The ThunderbirdPulumiProject to add these resources to.

  • secret_name – A slash (“/”) delimited name for the secret in AWS. The last segment of this will be used as the “short name” for abbreviated references.

  • secret_value – The secret data to store. This should be a string or some other type that can be serialized with str().

  • opts (pulumi.ResourceOptions, optional) – Additional pulumi.ResourceOptions to apply to these resources. Defaults to None.

  • kwargs – Any other keyword arguments which will be passed as inputs to the aws.secretsmanager.Secret resource.