cdk-secret-manager-wrapper-layer


Namecdk-secret-manager-wrapper-layer JSON
Version 2.1.145 PyPI version JSON
download
home_pagehttps://github.com/neilkuan/cdk-secret-manager-wrapper-layer.git
Summarycdk-secret-manager-wrapper-layer
upload_time2025-09-02 00:34:48
maintainerNone
docs_urlNone
authorNeil Kuan<guan840912@gmail.com>
requires_python~=3.9
licenseApache-2.0
keywords
VCS
bugtrack_url
requirements No requirements were recorded.
Travis-CI No Travis.
coveralls test coverage No coveralls.
            # `cdk-secret-manager-wrapper-layer`

that Lambda layer uses a wrapper script to fetch information from Secrets Manager and create environmental variables.

> idea from [source](https://github.com/aws-samples/aws-lambda-environmental-variables-from-aws-secrets-manager)

## Updates

**2025-03-02: v2.1.0**

* Added architecture parameter support for Lambda Layer
* Updated Python runtime from 3.9 to 3.13
* Fixed handler name in example code
* Improved layer initialization and referencing patterns
* Enhanced compatibility with AWS Lambda ARM64 architecture

## Example

```python
import { App, Stack, CfnOutput, Duration } from 'aws-cdk-lib';
import { Effect, PolicyStatement } from 'aws-cdk-lib/aws-iam';
import { Function, Runtime, Code, FunctionUrlAuthType, Architecture } from 'aws-cdk-lib/aws-lambda';
import { CfnSecret } from 'aws-cdk-lib/aws-secretsmanager';
import { SecretManagerWrapperLayer } from 'cdk-secret-manager-wrapper-layer';
const env = {
  region: process.env.CDK_DEFAULT_REGION,
  account: process.env.CDK_DEFAULT_ACCOUNT,
};
const app = new App();
const stack = new Stack(app, 'testing-stack', { env });

/**
 * Example create an Secret for testing.
 */
const secret = new CfnSecret(stack, 'MySecret', {
  secretString: JSON.stringify({
    KEY1: 'VALUE1',
    KEY2: 'VALUE2',
    KEY3: 'VALUE3',
  }),
});

const lambdaArchitecture = Architecture.X86_64;

const layer = new SecretManagerWrapperLayer(stack, 'SecretManagerWrapperLayer', {
  lambdaArchitecture,
});

const lambda = new Function(stack, 'fn', {
  runtime: Runtime.PYTHON_3_13,
  code: Code.fromInline(`
import os
def handler(events, contexts):
    env = {}
    env['KEY1'] = os.environ.get('KEY1', 'Not Found')
    env['KEY2'] = os.environ.get('KEY2', 'Not Found')
    env['KEY3'] = os.environ.get('KEY3', 'Not Found')
    return env
    `),
  handler: 'index.handler',
  layers: [layer.layerVersion],
  timeout: Duration.minutes(1),
  /**
   * you need to define this 4 environment various.
   */
  environment: {
    AWS_LAMBDA_EXEC_WRAPPER: '/opt/get-secrets-layer',
    SECRET_REGION: stack.region,
    SECRET_ARN: secret.ref,
    API_TIMEOUT: '5000',
  },
  architecture: lambdaArchitecture,
});

/**
 * Add Permission for lambda get secret value from secret manager.
 */
lambda.role!.addToPrincipalPolicy(
  new PolicyStatement({
    effect: Effect.ALLOW,
    actions: ['secretsmanager:GetSecretValue'],
    // Also you can use find from context.
    resources: [secret.ref],
  }),
);

/**
 * For Testing.
 */
const FnUrl = lambda.addFunctionUrl({
  authType: FunctionUrlAuthType.NONE,
});

new CfnOutput(stack, 'FnUrl', {
  value: FnUrl.url,
});
```

## Testing

```bash
# ex: curl https://sdfghjklertyuioxcvbnmghj.lambda-url.us-east-1.on.aws/
curl ${FnUrl}
{"KEY2":"VALUE2","KEY1":"VALUE1","KEY3":"VALUE3"}
```

            

Raw data

            {
    "_id": null,
    "home_page": "https://github.com/neilkuan/cdk-secret-manager-wrapper-layer.git",
    "name": "cdk-secret-manager-wrapper-layer",
    "maintainer": null,
    "docs_url": null,
    "requires_python": "~=3.9",
    "maintainer_email": null,
    "keywords": null,
    "author": "Neil Kuan<guan840912@gmail.com>",
    "author_email": null,
    "download_url": "https://files.pythonhosted.org/packages/e3/ce/2e7aceb43c6890b25bce81826704f355f82e9694c6df6ee048471c994ecf/cdk_secret_manager_wrapper_layer-2.1.145.tar.gz",
    "platform": null,
    "description": "# `cdk-secret-manager-wrapper-layer`\n\nthat Lambda layer uses a wrapper script to fetch information from Secrets Manager and create environmental variables.\n\n> idea from [source](https://github.com/aws-samples/aws-lambda-environmental-variables-from-aws-secrets-manager)\n\n## Updates\n\n**2025-03-02: v2.1.0**\n\n* Added architecture parameter support for Lambda Layer\n* Updated Python runtime from 3.9 to 3.13\n* Fixed handler name in example code\n* Improved layer initialization and referencing patterns\n* Enhanced compatibility with AWS Lambda ARM64 architecture\n\n## Example\n\n```python\nimport { App, Stack, CfnOutput, Duration } from 'aws-cdk-lib';\nimport { Effect, PolicyStatement } from 'aws-cdk-lib/aws-iam';\nimport { Function, Runtime, Code, FunctionUrlAuthType, Architecture } from 'aws-cdk-lib/aws-lambda';\nimport { CfnSecret } from 'aws-cdk-lib/aws-secretsmanager';\nimport { SecretManagerWrapperLayer } from 'cdk-secret-manager-wrapper-layer';\nconst env = {\n  region: process.env.CDK_DEFAULT_REGION,\n  account: process.env.CDK_DEFAULT_ACCOUNT,\n};\nconst app = new App();\nconst stack = new Stack(app, 'testing-stack', { env });\n\n/**\n * Example create an Secret for testing.\n */\nconst secret = new CfnSecret(stack, 'MySecret', {\n  secretString: JSON.stringify({\n    KEY1: 'VALUE1',\n    KEY2: 'VALUE2',\n    KEY3: 'VALUE3',\n  }),\n});\n\nconst lambdaArchitecture = Architecture.X86_64;\n\nconst layer = new SecretManagerWrapperLayer(stack, 'SecretManagerWrapperLayer', {\n  lambdaArchitecture,\n});\n\nconst lambda = new Function(stack, 'fn', {\n  runtime: Runtime.PYTHON_3_13,\n  code: Code.fromInline(`\nimport os\ndef handler(events, contexts):\n    env = {}\n    env['KEY1'] = os.environ.get('KEY1', 'Not Found')\n    env['KEY2'] = os.environ.get('KEY2', 'Not Found')\n    env['KEY3'] = os.environ.get('KEY3', 'Not Found')\n    return env\n    `),\n  handler: 'index.handler',\n  layers: [layer.layerVersion],\n  timeout: Duration.minutes(1),\n  /**\n   * you need to define this 4 environment various.\n   */\n  environment: {\n    AWS_LAMBDA_EXEC_WRAPPER: '/opt/get-secrets-layer',\n    SECRET_REGION: stack.region,\n    SECRET_ARN: secret.ref,\n    API_TIMEOUT: '5000',\n  },\n  architecture: lambdaArchitecture,\n});\n\n/**\n * Add Permission for lambda get secret value from secret manager.\n */\nlambda.role!.addToPrincipalPolicy(\n  new PolicyStatement({\n    effect: Effect.ALLOW,\n    actions: ['secretsmanager:GetSecretValue'],\n    // Also you can use find from context.\n    resources: [secret.ref],\n  }),\n);\n\n/**\n * For Testing.\n */\nconst FnUrl = lambda.addFunctionUrl({\n  authType: FunctionUrlAuthType.NONE,\n});\n\nnew CfnOutput(stack, 'FnUrl', {\n  value: FnUrl.url,\n});\n```\n\n## Testing\n\n```bash\n# ex: curl https://sdfghjklertyuioxcvbnmghj.lambda-url.us-east-1.on.aws/\ncurl ${FnUrl}\n{\"KEY2\":\"VALUE2\",\"KEY1\":\"VALUE1\",\"KEY3\":\"VALUE3\"}\n```\n",
    "bugtrack_url": null,
    "license": "Apache-2.0",
    "summary": "cdk-secret-manager-wrapper-layer",
    "version": "2.1.145",
    "project_urls": {
        "Homepage": "https://github.com/neilkuan/cdk-secret-manager-wrapper-layer.git",
        "Source": "https://github.com/neilkuan/cdk-secret-manager-wrapper-layer.git"
    },
    "split_keywords": [],
    "urls": [
        {
            "comment_text": null,
            "digests": {
                "blake2b_256": "98d23846b8b1aed071e288b51952d64a733c2592d9350578b1c3dc5ff94bb402",
                "md5": "cfc1add62f760dd2104e322451520e7e",
                "sha256": "2ad0ce080a850b930860fc4eb3cac4d19a773c5e0409d4548711302921c661ce"
            },
            "downloads": -1,
            "filename": "cdk_secret_manager_wrapper_layer-2.1.145-py3-none-any.whl",
            "has_sig": false,
            "md5_digest": "cfc1add62f760dd2104e322451520e7e",
            "packagetype": "bdist_wheel",
            "python_version": "py3",
            "requires_python": "~=3.9",
            "size": 41466,
            "upload_time": "2025-09-02T00:34:45",
            "upload_time_iso_8601": "2025-09-02T00:34:45.613794Z",
            "url": "https://files.pythonhosted.org/packages/98/d2/3846b8b1aed071e288b51952d64a733c2592d9350578b1c3dc5ff94bb402/cdk_secret_manager_wrapper_layer-2.1.145-py3-none-any.whl",
            "yanked": false,
            "yanked_reason": null
        },
        {
            "comment_text": null,
            "digests": {
                "blake2b_256": "e3ce2e7aceb43c6890b25bce81826704f355f82e9694c6df6ee048471c994ecf",
                "md5": "c02c9aa2a275fb9d5d2bbd182cf9b71a",
                "sha256": "9f0cffa73798b0444dd3cbd6924548fcf31b4d339d9fa985a33481381a91a575"
            },
            "downloads": -1,
            "filename": "cdk_secret_manager_wrapper_layer-2.1.145.tar.gz",
            "has_sig": false,
            "md5_digest": "c02c9aa2a275fb9d5d2bbd182cf9b71a",
            "packagetype": "sdist",
            "python_version": "source",
            "requires_python": "~=3.9",
            "size": 42358,
            "upload_time": "2025-09-02T00:34:48",
            "upload_time_iso_8601": "2025-09-02T00:34:48.255364Z",
            "url": "https://files.pythonhosted.org/packages/e3/ce/2e7aceb43c6890b25bce81826704f355f82e9694c6df6ee048471c994ecf/cdk_secret_manager_wrapper_layer-2.1.145.tar.gz",
            "yanked": false,
            "yanked_reason": null
        }
    ],
    "upload_time": "2025-09-02 00:34:48",
    "github": true,
    "gitlab": false,
    "bitbucket": false,
    "codeberg": false,
    "github_user": "neilkuan",
    "github_project": "cdk-secret-manager-wrapper-layer",
    "travis_ci": false,
    "coveralls": false,
    "github_actions": true,
    "lcname": "cdk-secret-manager-wrapper-layer"
}
        
Elapsed time: 2.08264s