Skip to content

ovotech/ciris-aws-ssm

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

100 Commits
.github
.github
 
 
project
project
 
 
src
src
 
 
.gitignore
.gitignore
 
 
.scalafmt.conf
.scalafmt.conf
 
 
build.sbt
build.sbt
 
 
license.txt
license.txt
 
 
readme.md
readme.md
 
 
tag.sh
tag.sh
 
 

Repository files navigation

Ciris AWS SSM

Amazon EC2 Systems Manager (also known as Simple Systems Manager or SSM) support for Ciris.

Enables us to load parameters of type "string" or "secure string" from the SSM parameter store.

See this blog for more information about using SSM's parameter store to manage secrets.

Getting Started

To get started with sbt, simply add the following lines to your build.sbt file.

resolvers += "Kaluza artifactory" at "https://kaluza.jfrog.io/artifactory/maven"

libraryDependencies += "com.ovoenergy" %% "ciris-aws-ssm" % "LATEST_VERSION"

The library is published against cats effect 3, for both Scala 2.12 and 2.13.

Usage

import cats.effect.{IO, IOApp}
import cats.implicits._
import ciris.Secret
import ciris.aws.ssm._

object Main extends IOApp.Simple {

  final case class Config(
     username: String,
     password: Secret[String],
     port: Int,
     apiKey: Option[String]
  )

  def loadConfig: IO[Config] = 
    params[IO].flatMap { param =>
      (
        param("/myapp/password").secret,
        param("/myapp/port").as[Int],
        param("/myapp/api-key").option
        ).parMapN { (password, port, apiKey) =>
        Config(username = "Dave", password = password, port = port, apiKey = apiKey)
      }
    }.load

  override def run: IO[Unit] =
    loadConfig.flatMap(cfg => IO.println(s"Config loaded: $cfg"))

}

The params[F] function returns a ciris ConfigValue loader. On invocation of the (flatMapped) param(name) function, this loader will make a GetParameterRequest to the underlying SsmAsyncClient, (decrypting the value if encrypted).

The params[F] function uses the AWS SDK's default SsmAsyncClient configuration, but there are alternate functions for construction:

import ciris.aws.ssm._
import cats.effect.IO
import software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider
import software.amazon.awssdk.regions.Region
import software.amazon.awssdk.services.ssm.SsmAsyncClient

// use the default client, but with a region
params[IO](Region.EU_WEST_1)

// also define a custom creds provider
val customCreds = DefaultCredentialsProvider.builder().profileName("foo").build()
params[IO](Region.EU_WEST_1, customCreds)

// for most flexibility, configure the entire client yourself
val client = SsmAsyncClient.builder().httpClient(customClient).build()
params[IO](client)

Release

To release a new version use the following commands.

$ ./tag.sh
$ sbt +publish

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

10 stars

Watchers

39 watching

Forks

6 forks
Report repository

Releases 5

6.0.0 Latest
Jun 28, 2023
+ 4 releases

Packages

No packages published

Contributors 12

Languages