Register
Login
Resources
Docs Blog Datasets Glossary Case Studies Tutorials & Webinars
Product
Data Engine LLMs Platform Enterprise
Pricing Explore
Connect to our Discord channel
Resources  
Docs Blog Datasets Glossary Case Studies Tutorials & Webinars
Explore Pricing
Product  
Data Engine LLMs Platform Enterprise
Connect to Dagshub Discord channel
Register
Login

Deci-AI
/
super-gradients
connected to https://github.com/Deci-AI/super-gradients.git

Watch 4
Issues 62 Pull Requests 44 Discussions 0

aws_secrets_manager_connector.py 7.0 KB
Permalink History Raw

You have to be logged in to leave a comment. Sign In
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128 
  1. import json
    2. 

  2. import logging
    3. 

  3. 

  4. from super_gradients.common import AWSConnector
    5. 

  5. from super_gradients.common import explicit_params_validation
    6. 

  6. 

  7. 

  8. class AWSSecretsManagerConnector:
    9. 

  9.     """
    10. 

  10.     AWSSecretsManagerConnector - This class handles the AWS Secrets Manager connection
    11. 

  11.     """
    12. 

  12.     __slots__ = []  # Making the class immutable for runtime safety
    13. 

  13.     current_environment_client = None
    14. 

  14.     DECI_ENVIRONMENTS = ['research', 'development', 'staging', 'production']
    15. 

  15. 

  16.     @staticmethod
    17. 

  17.     @explicit_params_validation(validation_type='NoneOrEmpty')
    18. 

  18.     def get_secret_value_for_secret_key(aws_env: str, secret_name: str, secret_key: str) -> str:
    19. 

  19.         """
    20. 

  20.         get_secret_value_for_secret_key - Gets a Secret Value from AWS Secrets Manager for the Provided Key
    21. 

  21.             :param aws_env:         The environment to get the secret for
    22. 

  22.             :param secret_name: The Secret Name stored in Secrets Manager
    23. 

  23.             :param secret_key:  The Secret Key To retrieve it's value from AWS
    24. 

  24.             :return:  str: The Secret Value
    25. 

  25.         """
    26. 

  26.         current_class_name = __class__.__name__
    27. 

  27.         logger = logging.getLogger(current_class_name)
    28. 

  28.         secret_key = secret_key.upper()
    29. 

  29.         aws_secrets_dict = AWSSecretsManagerConnector.__get_secrets_manager_dict_for_secret_name(
    30. 

  30.             aws_env=aws_env, secret_name=secret_name)
    31. 

  31. 

  32.         secret_key = '.'.join([aws_env.upper(), secret_key])
    33. 

  33.         if secret_key not in aws_secrets_dict.keys():
    34. 

  34.             error = f'[{current_class_name}] - Secret Key ({secret_key}) not Found in AWS Secret: ' + secret_name
    35. 

  35.             logger.error(error)
    36. 

  36.             raise EnvironmentError(error)
    37. 

  37.         else:
    38. 

  38.             return aws_secrets_dict[secret_key]
    39. 

  39. 

  40.     @staticmethod
    41. 

  41.     @explicit_params_validation(validation_type='NoneOrEmpty')
    42. 

  42.     def get_secret_values_dict_for_secret_key_properties(env: str, secret_key: str, secret_name: str,
    43. 

  43.                                                          db_properties_set: set = None) -> dict:
    44. 

  44.         """
    45. 

  45.         get_config_dict - Returns the config dict of the properties from the properties dict
    46. 

  46.             :param  env:                The environment to open the dict for
    47. 

  47.             :param  secret_key:         The Secret Key
    48. 

  48.             :param  secret_name:        The Secret to Retrieve to from AWS secrets manager (usually project name)
    49. 

  49.             :param  db_properties_set:  The set of the properties to get secrets values for
    50. 

  50.             :return:  dict The secrets dict for the requested property
    51. 

  51.         """
    52. 

  52.         current_class_name = __class__.__name__
    53. 

  53.         logger = logging.getLogger(current_class_name)
    54. 

  54.         aws_secrets_dict = AWSSecretsManagerConnector.__get_secrets_manager_dict_for_secret_name(
    55. 

  55.             aws_env=env, secret_name=secret_name)
    56. 

  56. 

  57.         aws_env_safe_secrets = {}
    58. 

  58.         # FILL THE DICT VALUES FROM THE AWS SECRETS RESPONSE
    59. 

  59.         if db_properties_set:
    60. 

  60.             for secret_key_property in db_properties_set:
    61. 

  61.                 secret_key_to_retrieve = '.'.join([env.upper(), secret_key, secret_key_property])
    62. 

  62.                 if secret_key_to_retrieve not in aws_secrets_dict:
    63. 

  63.                     error = f'[{current_class_name}] - Error retrieving data from AWS Secrets Manager for Secret Key "{secret_name}": The secret property "{secret_key_property}" Does Not Exist'
    64. 

  64.                     logger.error(error)
    65. 

  65.                     raise EnvironmentError(error)
    66. 

  66.                 else:
    67. 

  67.                     env_stripped_key_name = secret_key_to_retrieve.lstrip(env.upper()).lstrip('.')
    68. 

  68.                     aws_env_safe_secrets[env_stripped_key_name] = aws_secrets_dict[secret_key_to_retrieve]
    69. 

  69.         else:
    70. 

  70.             # "db_properties_set" is not specified - validating and returning all the secret keys and values for the secret name.
    71. 

  71.             for secret_key_name, secret_value in aws_secrets_dict.items():
    72. 

  72.                 secret_key_to_retrieve = '.'.join([env.upper(), secret_key])
    73. 

  73.                 assert secret_key_name.startswith(
    74. 

  74.                     env.upper()), f'The secret key property "{secret_key_name}", found in secret named {secret_name},' \
    75. 

  75.                                   f' is not following the convention of environment prefix. please add the environment prefix "{env.upper()}" to property "{secret_key_name}"'
    76. 

  76.                 if secret_key_name.startswith(secret_key_to_retrieve):
    77. 

  77.                     env_stripped_key_name = secret_key_name.lstrip(env.upper()).lstrip('.')
    78. 

  78.                     aws_env_safe_secrets[env_stripped_key_name] = secret_value
    79. 

  79.         return aws_env_safe_secrets
    80. 

  80. 

  81.     @staticmethod
    82. 

  82.     def __get_secrets_manager_dict_for_secret_name(aws_env: str, secret_name: str) -> dict:
    83. 

  83.         """
    84. 

  84.         __get_secrets_manager_dict_for_secret_name
    85. 

  85.             :param  aws_env:                The environment to open the dict for
    86. 

  86.             :param  secret_name:        The Secret to Retrieve to from AWS secrets manager (usually project name)
    87. 

  87.             :return: python Dictionary with the key/value pairs stored in AWS Secrets Manager
    88. 

  88.         """
    89. 

  89.         current_class_name = __class__.__name__
    90. 

  90.         logger = logging.getLogger(current_class_name)
    91. 

  91. 

  92.         secrets_path = AWSSecretsManagerConnector.__get_secrets_path_from_secret_name(aws_env, secret_name)
    93. 

  93. 

  94.         try:
    95. 

  95.             if not AWSSecretsManagerConnector.current_environment_client:
    96. 

  96.                 logger.debug('Initializing a new secrets manager client...')
    97. 

  97.                 AWSSecretsManagerConnector.current_environment_client = AWSConnector.get_aws_client_for_service_name(
    98. 

  98.                     profile_name=aws_env,
    99. 

  99.                     service_name='secretsmanager')
    100. 

  100.             logger.debug(f'Fetching the secret "{secret_name}" in env "{aws_env}"')
    101. 

  101.             aws_secrets = AWSSecretsManagerConnector.current_environment_client.get_secret_value(SecretId=secrets_path)
    102. 

  102.             aws_secrets_dict = json.loads(aws_secrets['SecretString'])
    103. 

  103.             return aws_secrets_dict
    104. 

  104. 

  105.         except Exception as ex:
    106. 

  106.             error = '[' + current_class_name + '] - Caught Exception while trying to connect to aws to get credentials from secrets manager: ' + '"' + str(
    107. 

  107.                 ex) + '"' + ' for ' + str(secrets_path)
    108. 

  108.             logger.error(error)
    109. 

  109.             raise EnvironmentError(error)
    110. 

  110. 

  111.     @staticmethod
    112. 

  112.     def __get_secrets_path_from_secret_name(aws_env: str, secret_name: str) -> str:
    113. 

  113.         """
    114. 

  114.         __get_secrets_path_from_secret_name - Extracts the full secret path based on the Environment
    115. 

  115.         :param aws_env:         Env
    116. 

  116.         :param secret_name: Secret Name
    117. 

  117.         :return:     str:   The full secret path
    118. 

  118.         """
    119. 

  119.         current_class_name = __class__.__name__
    120. 

  120.         logger = logging.getLogger(current_class_name)
    121. 

  121. 

  122.         # Checking for lowercase exact match, in order to prevent any implicit usage of the environments.
    123. 

  123.         if aws_env not in AWSSecretsManagerConnector.DECI_ENVIRONMENTS:
    124. 

  124.             logger.critical('[' + current_class_name + ' ] -  wrong environment param... Exiting')
    125. 

  125.             raise Exception('[' + current_class_name + '] - wrong environment param')
    126. 

  126. 

  127.         secrets_path = '/'.join([aws_env, secret_name])
    128. 

  128.         return secrets_path
    129.
Prev
Next
Tip!

Press p or to see the previous file or, n or to see the next file

Comments

Write Preview
Loading...
Integrate AWS S3
Use S3 remote
Select bucket
Access key
Finish

Use AWS S3 as storage!

Browsing data directories saved to S3 is possible with DAGsHub. Let's configure your repository to easily display your data in the context of any commit!

Specify your S3 bucket

Access key (If needed)

Congratulations!

super-gradients is now integrated with AWS S3!

Delete Storage Key

Are you sure you want to delete this access key?

No
Yes
Integrate Google Cloud Storage
Use Google Storage
Select bucket
Upload key
Finish

Use Google Cloud Storage!

Browsing data directories saved to Google Cloud Storage is possible with DAGsHub. Let's configure your repository to easily display your data in the context of any commit!

Specify your Google Storage bucket

Service Account Key

Congratulations!

super-gradients is now integrated with Google Cloud Storage!

Delete Storage Key

Are you sure you want to delete this access key?

No
Yes
Integrate Azure Cloud Storage
Use Azure Storage
Select bucket
Set key
Finish

Use Azure Cloud Storage!

Browsing data directories saved to Azure Cloud Storage is possible with DAGsHub. Let's configure your repository to easily display your data in the context of any commit!

Specify your Azure Storage bucket

Access key (If needed)

Congratulations!

super-gradients is now integrated with Azure Cloud Storage!

Delete Storage Key

Are you sure you want to delete this access key?

No
Yes
Integrate S3 compatible storage
Use S3 like remote
Select bucket
Access key
Finish

Use any S3 compatible storage!

Browsing data directories saved to S3 compatible storage is possible with DAGsHub. Let's configure your repository to easily display your data in the context of any commit!

Specify your S3 bucket

Bucket name cannot be the same as the repository name. Please change one of them.

Access key (If needed)

Congratulations!

super-gradients is now integrated with your S3 compatible storage!

Delete Storage Key

Are you sure you want to delete this access key?

No
Yes