-
Notifications
You must be signed in to change notification settings - Fork 52
/
Copy pathmain.py
58 lines (46 loc) · 1.5 KB
/
main.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
import ConfigParser
import logging
import time
import boto3
from bottle import get, run
logging.basicConfig()
__logger = logging.getLogger(__name__)
@get('/healthcheck')
def healthcheck():
return "Hello World!"
@get('/sleep/<secs>')
def sleep(secs):
time.sleep(float(secs))
return 'sleep for {} secs'.format(secs)
_SECRET_NAME = 'SECRET_NAME'
_REGION = 'REGION'
@get('/secret')
def get_secret():
region = None
secret = None
import os
# get parms from env vars first
if _SECRET_NAME in os.environ:
secret = os.environ[_SECRET_NAME]
region = os.environ[_REGION]
else:
# otherwise, get from secret.ini
parser = ConfigParser.RawConfigParser()
p = os.path.join(os.path.abspath(os.path.dirname(__file__)), 'conf', 'secret.ini')
parser.read(p)
region = parser.get('aws', 'region')
secret = parser.get('secret', 'var_name')
return _get_secret(secret, region)
def _get_secret(secret_name, region_name):
client = boto3.client('ssm', region_name=region_name)
response = client.get_parameter(Name=secret_name, WithDecryption=False)
secret = response['Parameter']['Value']
# decrypt data here
from base64 import b64decode
secret = boto3.client('kms', region_name=region_name).decrypt(CiphertextBlob=b64decode(secret))['Plaintext']
return {'Name': secret_name, 'Value': secret}
@get('/')
def welcome():
return 'Welcome to my home'
if __name__ == '__main__':
run(host='0.0.0.0', port=8080, debug=False)