airflow.contrib.secrets.aws_secrets_manager

Objects relating to sourcing secrets from AWS Secrets Manager

Module Contents

class airflow.contrib.secrets.aws_secrets_manager.SecretsManagerBackend(connections_prefix='airflow/connections', variables_prefix='airflow/variables', profile_name=None, sep='/', **kwargs)[source]

Bases: airflow.secrets.BaseSecretsBackend, airflow.utils.log.logging_mixin.LoggingMixin

Retrieves Connection or Variables from AWS Secrets Manager

Configurable via airflow.cfg like so:

[secrets]
backend = airflow.contrib.secrets.aws_secrets_manager.SecretsManagerBackend
backend_kwargs = {"connections_prefix": "airflow/connections"}

For example, if secrets prefix is airflow/connections/smtp_default, this would be accessible if you provide {"connections_prefix": "airflow/connections"} and request conn_id smtp_default. And if variables prefix is airflow/variables/hello, this would be accessible if you provide {"variables_prefix": "airflow/variables"} and request variable key hello.

You can also pass additional keyword arguments like aws_secret_access_key, aws_access_key_id or region_name to this class and they would be passed on to Boto3 client.

Parameters
  • connections_prefix (str) – Specifies the prefix of the secret to read to get Connections.

  • variables_prefix (str) – Specifies the prefix of the secret to read to get Variables.

  • profile_name (str) – The name of a profile to use. If not given, then the default profile is used.

  • sep (str) – separator used to concatenate secret_prefix and secret_id. Default: “/”

client(self)[source]

Create a Secrets Manager client

get_conn_uri(self, conn_id)[source]

Get Connection Value

Parameters

conn_id (str) – connection id

get_variable(self, key)[source]

Get Airflow Variable from Environment Variable

Parameters

key – Variable Key

Returns

Variable Value

_get_secret(self, path_prefix, secret_id)[source]

Get secret value from Secrets Manager

Parameters
  • path_prefix (str) – Prefix for the Path to get Secret

  • secret_id (str) – Secret Key