Skip to content

Bug: Cannot fetch binary secrets #1713

New issue
New issue
Closed
#1717
Closed
Bug: Cannot fetch binary secrets#1713
#1717
Labels
bugSomething isn't working
@mangyau

Description

@mangyau
mangyau
opened on Nov 14, 2022

Expected Behaviour

parameters.get_secret should fetch the secret and return it as a base64 decoded string.

Current Behaviour

Throws GetParameterError. It seems it is trying to get the "SecretString" key instead of "SecretBinary" when passing transform="binary"

Traceback (most recent call last):
  File "/home/mang/dev/Automation-Delivery/.venv/wb-env/lib/python3.8/site-packages/aws_lambda_powertools/utilities/parameters/base.py", line 128, in get
    value = self._get(name, **sdk_options)
  File "/home/mang/dev/Automation-Delivery/.venv/wb-env/lib/python3.8/site-packages/aws_lambda_powertools/utilities/parameters/secrets.py", line 99, in _get
    return self.client.get_secret_value(**sdk_options)["SecretString"]
KeyError: 'SecretString'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "lambda_secrets.py", line 27, in <module>
    print(get("TestBinary"))
  File "lambda_secrets.py", line 22, in get
    secret = parameters.get_secret(name, transform=secret_type)
  File "/home/mang/dev/Automation-Delivery/.venv/wb-env/lib/python3.8/site-packages/aws_lambda_powertools/utilities/parameters/secrets.py", line 164, in get_secret
    return DEFAULT_PROVIDERS["secrets"].get(
  File "/home/mang/dev/Automation-Delivery/.venv/wb-env/lib/python3.8/site-packages/aws_lambda_powertools/utilities/parameters/base.py", line 131, in get
    raise GetParameterError(str(exc))
aws_lambda_powertools.utilities.parameters.exceptions.GetParameterError: 'SecretString'

Code snippet

Check that secret exists.

$ aws secretsmanager get-secret-value --secret-id TestBinary
{
    "ARN": "arn:aws:secretsmanager:us-east-1:031105607515:secret:TestBinary-lTpJMU",
    "Name": "TestBinary",
    "VersionId": "7fc877c7-08af-4feb-adc9-abe3cbbf1103",
    "SecretBinary": "YmluYXJ5IHRlc3Q=",
    "VersionStages": [
        "AWSCURRENT"
    ],
    "CreatedDate": "2022-11-14T14:18:25.723000-05:00"
}

Try to fetch the secret in Python

parameters.get_secret("TestBinary", transform="binary")

Possible Solution

No response

Steps to Reproduce

see the code snippet above.

AWS Lambda Powertools for Python version

latest

AWS Lambda function runtime

3.9

Packaging format used

PyPi

Debugging logs

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions