yujunjun/OpenMetadata
1
0
Fork 0
mirror of https://github.com/open-metadata/OpenMetadata.git synced 2025-07-18 22:53:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
OpenMetadata/openmetadata-airflow-apis/openmetadata_managed_apis/workflows/ingestion/credentials_builder.py
Nahuel 8691022d0f
AWS SSM secrets manager implementation on ingestion (#6805) 
* Implementation of AWS SSM as secrets manager

* Remove dead code

* Minor fixes

* Allow using default credentials in AWS client

* Fixed py style

* Fixed tests imports

* Minor changes

* Add patch to failing test

* Fix how we were storing dbtConfigSource

* Address PR comments
2022-08-19 16:15:40 +02:00

33 lines
1.2 KiB
Python
Raw Blame History

from airflow.configuration import conf
from pydantic import SecretStr
from metadata.generated.schema.entity.services.connections.metadata.openMetadataConnection import (
SecretsManagerProvider,
)
from metadata.generated.schema.security.credentials.awsCredentials import AWSCredentials
from metadata.utils.secrets.secrets_manager import SECRET_MANAGER_AIRFLOW_CONF
def build_aws_credentials():
if conf.has_section(SECRET_MANAGER_AIRFLOW_CONF):
credentials = AWSCredentials(
awsRegion=conf.get(SECRET_MANAGER_AIRFLOW_CONF, "aws_region", fallback="")
)
credentials.awsAccessKeyId = conf.get(
SECRET_MANAGER_AIRFLOW_CONF, "aws_access_key_id", fallback=""
)
credentials.awsSecretAccessKey = SecretStr(
conf.get(SECRET_MANAGER_AIRFLOW_CONF, "aws_secret_access_key", fallback="")
)
return credentials
return None
def build_secrets_manager_credentials(secrets_manager: SecretsManagerProvider):
if secrets_manager == SecretsManagerProvider.aws:
return build_aws_credentials()
if secrets_manager == SecretsManagerProvider.aws_ssm:
return build_aws_credentials()
else:
return None
Reference in New Issue View Git Blame Copy Permalink