ERBzkAtL

· 5 years ago · Jan 25, 2021, 02:54 PM
1# Use this code snippet in your app.
2# If you need more information about configurations or implementing the sample code, visit the AWS docs:
3# https://aws.amazon.com/developers/getting-started/ruby/
4
5require 'aws-sdk-secretsmanager'
6require 'base64'
7
8def get_secret()
9  secret_name = "demo-staging-secret"
10  region_name = "ap-southeast-1"
11
12  client = Aws::SecretsManager::Client.new(region: region_name)
13
14  # In this sample we only handle the specific exceptions for the 'GetSecretValue' API.
15  # See https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_GetSecretValue.html
16  # We rethrow the exception by default.
17  begin
18    get_secret_value_response = client.get_secret_value(secret_id: secret_name)
19  rescue Aws::SecretsManager::Errors::DecryptionFailure => e
20    # Secrets Manager can't decrypt the protected secret text using the provided KMS key.
21    # Deal with the exception here, and/or rethrow at your discretion.
22    raise
23  rescue Aws::SecretsManager::Errors::InternalServiceError => e
24    # An error occurred on the server side.
25    # Deal with the exception here, and/or rethrow at your discretion.
26    raise
27  rescue Aws::SecretsManager::Errors::InvalidParameterException => e
28    # You provided an invalid value for a parameter.
29    # Deal with the exception here, and/or rethrow at your discretion.
30    raise
31  rescue Aws::SecretsManager::Errors::InvalidRequestException => e
32    # You provided a parameter value that is not valid for the current state of the resource.
33    # Deal with the exception here, and/or rethrow at your discretion.
34    raise
35  rescue Aws::SecretsManager::Errors::ResourceNotFoundException => e
36    # We can't find the resource that you asked for.
37    # Deal with the exception here, and/or rethrow at your discretion.
38    raise
39  else
40    # This block is ran if there were no exceptions.
41
42    # Decrypts secret using the associated KMS CMK.
43    # Depending on whether the secret is a string or binary, one of these fields will be populated.
44    if get_secret_value_response.secret_string
45      secret = get_secret_value_response.secret_string
46    else
47      decoded_binary_secret = Base64.decode64(get_secret_value_response.secret_binary)
48    end
49
50    # Your code goes here.
51  end
52end
53