Fetch from AWS Secrets Manager now returns value

The secret value is now returned instead of the object wrapper provided by the AWS SKD. Usage in recipe now looks like this: value = secret(name: "test1", service: :aws_secrets_manager, config: { region: "us-west-1" }) log "My secret is #{value}" Signed-off-by: Marc A. Paradise <marc.paradise@gmail.com>
author: Marc A. Paradise <marc.paradise@gmail.com> 2021-07-14 12:33:05 -0400
committer: John McCrae <john.mccrae@progress.com> 2021-07-16 15:38:17 -0700
commit: d81e9230b69244309821bfae5e33866d457a7cd6 (patch)
tree: d7ff4761e1512bc9808f700c0abf6b51eae12959
parent: 84787e2a95698354177712934a6611c29620d5eb (diff)
download: chef-d81e9230b69244309821bfae5e33866d457a7cd6.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/chef/secret_fetcher/aws_secrets_manager.rb b/lib/chef/secret_fetcher/aws_secrets_manager.rb
index 0dfb99b023..f5508cf59b 100644
--- a/lib/chef/secret_fetcher/aws_secrets_manager.rb
+++ b/lib/chef/secret_fetcher/aws_secrets_manager.rb
@@ -50,7 +50,9 @@ class Chef
       # @param identifier [String] the secret_id
       # @return Aws::SecretsManager::Types::GetSecretValueResponse
       def do_fetch(identifier)
-        client.get_secret_value(secret_id: identifier)
+        result = client.get_secret_value(secret_id: identifier)
+        # These fields are mutually exclusive
+        result.secret_string || result.secret_binary
       end
 
       def client
author	Marc A. Paradise <marc.paradise@gmail.com>	2021-07-14 12:33:05 -0400
committer	John McCrae <john.mccrae@progress.com>	2021-07-16 15:38:17 -0700
commit	d81e9230b69244309821bfae5e33866d457a7cd6 (patch)
tree	d7ff4761e1512bc9808f700c0abf6b51eae12959
parent	84787e2a95698354177712934a6611c29620d5eb (diff)
download	chef-d81e9230b69244309821bfae5e33866d457a7cd6.tar.gz