This is a very basic FastAPI application that makes use of Secrets Manager Providers like AWS & GCP.
You can take reference from the code for better understanding, below are listed a few points to be noted for using and managing secrets in Secrets Manager Provider.
-
AWS provides us option to add Other type of secret which basically allows us to store Key/Value pairs as secrets, this is very helpful as we can store lots of key value pairs and make use of them as a dictionary in Python code.
-
On the other hand, GCP does not allow this option and instead we have a text based input, but we can definitely enter JSON format there and store it and later on access this as a dictionary in Python code.
-
We are using
lru_cache
fromitertools
to cache our secrets once they have being retrieved in the Python code, which is a good way to fetch secrets very fast after initial loading but the secrets value won't change until the server has been restarted which is serving FastAPI app. -
AttrDict
-> This is a custom written utility which helps to convert a Python dict to a class object which has access to all the dict keys using.
notation. For e.g. if a secret is{"API_VERSION": "14"}
then usingAttrDict
instance we can access it usingattr_dict_instance.API_VERSION # output -> 14
-
We can even use region wise secrets by defining the secrets in multiple regions of Secrets Manager Provider (AWS / GCP). This can be helpful when we have different servers in different regions and we want to match the Secrets with those regions and access accordingly.