Module rotate

Available on crate features rotate_rusoto or rotate_aws_sdk only.

Provides types for lambdas used for Secret Manager rotation.

§Usage

#[derive(Clone, Debug, serde::Serialize, serde::Deserialize)]
struct Secret {
    user: String,
    password: String,
}

struct Runner;

#[async_trait::async_trait]
impl<'a> lambda_runtime_types::rotate::RotateRunner<'a, (), Secret> for Runner {
    async fn setup(region: &'a str) -> anyhow::Result<()> {
        // Set up logging to make sure that errors are printed
        Ok(())
    }

    async fn create(
        shared: &'a (),
        secret_cur: lambda_runtime_types::rotate::SecretContainer<Secret>,
        smc: &lambda_runtime_types::rotate::Smc,
    ) -> anyhow::Result<lambda_runtime_types::rotate::SecretContainer<Secret>> {
        // Create a new secret without setting it yet.
        // Only called if there is no pending secret available
        // (which may happen if rotation fails at any stage)  
        unimplemented!()
    }

    async fn set(
        shared: &'a (),
        secret_cur: lambda_runtime_types::rotate::SecretContainer<Secret>,
        secret_new: lambda_runtime_types::rotate::SecretContainer<Secret>,
    ) -> anyhow::Result<()> {
        // Set the secret in the service.
        // Only called if the password is not already set, which is checked
        // by calling [`test`] with the new password beforehand. The reason
        // for this is that a failure in a later stage means all stages are
        // called again, and `set` would then fail because the old password
        // does not work anymore.
        Ok(())
    }

    async fn test(
        shared: &'a (),
        secret_new: lambda_runtime_types::rotate::SecretContainer<Secret>,
    ) -> anyhow::Result<()> {
        // Test whether a connection with the given secret works
        Ok(())
    }

    async fn finish(
        shared: &'a (),
        secret_cur: lambda_runtime_types::rotate::SecretContainer<Secret>,
        secret_new: lambda_runtime_types::rotate::SecretContainer<Secret>,
    ) -> anyhow::Result<()> {
        // Optional: Perform any work which may be necessary to
        // complete rotation
        Ok(())
    }

}

pub fn main() -> anyhow::Result<()> {
    lambda_runtime_types::exec_tokio::<_, _, Runner, _>()
}

For further usage, such as Shared Data, refer to the main documentation.
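
The retry behaviour described in the `set` comment above, as an added example that is not part of lambda_runtime_types or its documentation: a std-only model showing why the new secret is tested before `set` is called. `FakeService`, `rotate_once` and the sample passwords are constructed for illustration.

```rust
// Added illustration: FakeService and rotate_once are hypothetical, not lambda_runtime_types code.
use std::collections::HashMap;

/// Stand-in for the service whose credential is rotated (constructed sample data).
struct FakeService {
    passwords: HashMap<String, String>,
    set_calls: u32,
}

impl FakeService {
    /// Mirrors `test`: does a login with this password work?
    fn test(&self, user: &str, password: &str) -> Result<(), String> {
        match self.passwords.get(user) {
            Some(p) if p.as_str() == password => Ok(()),
            _ => Err(format!("login failed for {user}")),
        }
    }

    /// Mirrors `set`: authenticates with the current password, then changes it.
    fn set(&mut self, user: &str, cur: &str, new: &str) -> Result<(), String> {
        self.test(user, cur)?;
        self.set_calls += 1;
        self.passwords.insert(user.to_string(), new.to_string());
        Ok(())
    }
}

/// One pass over set -> test -> finish; `fail_finish` simulates a late-stage failure.
fn rotate_once(svc: &mut FakeService, cur: &str, new: &str, fail_finish: bool) -> Result<(), String> {
    // Guard from the `set` comment: skip `set` when the pending secret already works.
    if svc.test("app", new).is_err() {
        svc.set("app", cur, new)?;
    }
    svc.test("app", new)?;
    if fail_finish { return Err("finish failed".to_string()); }
    Ok(())
}

/// First attempt fails after `set`; the retry succeeds without a second `set`.
fn demo() -> (Result<(), String>, Result<(), String>, u32, bool) {
    let passwords = HashMap::from([("app".to_string(), "old-pw".to_string())]);
    let mut svc = FakeService { passwords, set_calls: 0 };
    let first = rotate_once(&mut svc, "old-pw", "new-pw", true);
    let retry = rotate_once(&mut svc, "old-pw", "new-pw", false);
    // Without the guard, a repeated `set` fails because the old password is gone.
    let unguarded_fails = svc.set("app", "old-pw", "new-pw").is_err();
    (first, retry, svc.set_calls, unguarded_fails)
}

fn main() { println!("{:?}", demo()); }
```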

Structs§

Event
Event which is sent by the SecretManager to the rotation lambda
SecretContainer
Transparent container to inner value. Prevents accidental override of values not defined by S
Smc
Secret Manager Client

Enums§

Step
Available steps in a Secret Manager rotation

Traits§

RotateRunner
Defines a type which is executed every time a lambda is invoked. This type is made for SecretManager rotation lambdas.