mirror of
https://github.com/open-metadata/OpenMetadata.git
synced 2025-10-30 18:17:53 +00:00
43 lines
1.4 KiB
Python
43 lines
1.4 KiB
Python
from typing import Optional
|
|
|
|
from airflow.configuration import conf
|
|
|
|
from metadata.generated.schema.security.credentials.awsCredentials import AWSCredentials
|
|
from metadata.generated.schema.security.secrets.secretsManagerProvider import (
|
|
SecretsManagerProvider,
|
|
)
|
|
from metadata.ingestion.models.custom_pydantic import CustomSecretStr
|
|
from metadata.utils.secrets.secrets_manager import SECRET_MANAGER_AIRFLOW_CONF
|
|
|
|
|
|
def build_aws_credentials() -> Optional[AWSCredentials]:
|
|
if conf.has_section(SECRET_MANAGER_AIRFLOW_CONF):
|
|
credentials = AWSCredentials(
|
|
awsRegion=conf.get(SECRET_MANAGER_AIRFLOW_CONF, "aws_region", fallback="")
|
|
)
|
|
credentials.awsAccessKeyId = conf.get(
|
|
SECRET_MANAGER_AIRFLOW_CONF, "aws_access_key_id", fallback=""
|
|
)
|
|
credentials.awsSecretAccessKey = CustomSecretStr(
|
|
conf.get(SECRET_MANAGER_AIRFLOW_CONF, "aws_secret_access_key", fallback="")
|
|
)
|
|
return credentials
|
|
return None
|
|
|
|
|
|
def build_secrets_manager_credentials(
|
|
secrets_manager: SecretsManagerProvider,
|
|
) -> Optional[AWSCredentials]:
|
|
if secrets_manager in [
|
|
SecretsManagerProvider.aws,
|
|
SecretsManagerProvider.managed_aws,
|
|
]:
|
|
return build_aws_credentials()
|
|
if secrets_manager in [
|
|
SecretsManagerProvider.aws_ssm,
|
|
SecretsManagerProvider.managed_aws_ssm,
|
|
]:
|
|
return build_aws_credentials()
|
|
else:
|
|
return None
|