Dagster & AWS Secrets Manager
This integration allows you to manage, retrieve, and rotate credentials, API keys, and other secrets using AWS Secrets Manager.
Installation
pip install dagster-aws
Examples
from dagster_aws.secretsmanager import (
SecretsManagerResource,
SecretsManagerSecretsResource,
)
import dagster as dg
@dg.asset
def my_asset(secretsmanager: SecretsManagerResource):
secret_value = secretsmanager.get_client().get_secret_value(
SecretId="arn:aws:secretsmanager:region:aws_account_id:secret:appauthexample-AbCdEf"
)
return secret_value
@dg.asset
def my_other_asset(secrets: SecretsManagerSecretsResource):
secret_value = secrets.fetch_secrets().get("my-secret-name")
return secret_value
defs = dg.Definitions(
assets=[my_asset, my_other_asset],
resources={
"secretsmanager": SecretsManagerResource(region_name="us-west-1"),
"secrets": SecretsManagerSecretsResource(
region_name="us-west-1",
secrets_tag="dagster",
),
},
)
About AWS Secrets Manager
AWS Secrets Manager helps you protect access to your applications, services, and IT resources without the upfront cost and complexity of managing your own hardware security module infrastructure. With Secrets Manager, you can rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. Users and applications retrieve secrets with a call to Secrets Manager APIs, eliminating the need to hardcode sensitive information in plain text.