Fetch from AWS Secrets Manager now returns value

The secret value is now returned instead of the object wrapper provided by the AWS SKD. Usage in recipe now looks like this: value = secret(name: "test1", service: :aws_secrets_manager, config: { region: "us-west-1" }) log "My secret is #{value}" Signed-off-by: Marc A. Paradise <marc.paradise@gmail.com>
author: Marc A. Paradise <marc.paradise@gmail.com> 2021-07-14 12:33:05 -0400
committer: Marc A. Paradise <marc.paradise@gmail.com> 2021-07-14 12:33:05 -0400
commit: caa148bc753fa5e51dfe9be03e7ec0d5acf8a5bb (patch)
tree: 97d0b04453f82fbc122ecc0aa6adcb5e09689555
parent: e84b64a0979b8eea734b23625652d408149809ca (diff)
download: chef-caa148bc753fa5e51dfe9be03e7ec0d5acf8a5bb.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/chef/secret_fetcher/aws_secrets_manager.rb b/lib/chef/secret_fetcher/aws_secrets_manager.rb
index 0dfb99b023..f5508cf59b 100644
--- a/lib/chef/secret_fetcher/aws_secrets_manager.rb
+++ b/lib/chef/secret_fetcher/aws_secrets_manager.rb
@@ -50,7 +50,9 @@ class Chef
       # @param identifier [String] the secret_id
       # @return Aws::SecretsManager::Types::GetSecretValueResponse
       def do_fetch(identifier)
-        client.get_secret_value(secret_id: identifier)
+        result = client.get_secret_value(secret_id: identifier)
+        # These fields are mutually exclusive
+        result.secret_string || result.secret_binary
       end
 
       def client
author	Marc A. Paradise <marc.paradise@gmail.com>	2021-07-14 12:33:05 -0400
committer	Marc A. Paradise <marc.paradise@gmail.com>	2021-07-14 12:33:05 -0400
commit	caa148bc753fa5e51dfe9be03e7ec0d5acf8a5bb (patch)
tree	97d0b04453f82fbc122ecc0aa6adcb5e09689555
parent	e84b64a0979b8eea734b23625652d408149809ca (diff)
download	chef-caa148bc753fa5e51dfe9be03e7ec0d5acf8a5bb.tar.gz