{"id":19540980,"url":"https://github.com/gdoermann/supersecret","last_synced_at":"2026-04-10T05:02:46.732Z","repository":{"id":88181357,"uuid":"606681608","full_name":"gdoermann/supersecret","owner":"gdoermann","description":"Quick and easy way to mange settings from AWS Secrets Manager.","archived":false,"fork":false,"pushed_at":"2024-10-21T05:55:51.000Z","size":44,"stargazers_count":4,"open_issues_count":5,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-04-19T20:55:04.568Z","etag":null,"topics":["aws","aws-secretsmanager","envrionment-configuration","python","secret-management","settings-management"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gdoermann.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2023-02-26T08:25:52.000Z","updated_at":"2023-10-16T15:27:21.000Z","dependencies_parsed_at":null,"dependency_job_id":"f6615108-795c-4711-8db1-188c018a3d89","html_url":"https://github.com/gdoermann/supersecret","commit_stats":{"total_commits":13,"total_committers":1,"mean_commits":13.0,"dds":0.0,"last_synced_commit":"82e7e2ecb3f1342b5a4e7f6895d58e00f85aefe4"},"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gdoermann%2Fsupersecret","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gdoermann%2Fsupersecret/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gdoermann%2Fsupersecret/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gdoermann%2Fsupersecret/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gdoermann","download_url":"https://codeload.github.com/gdoermann/supersecret/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251017735,"owners_count":21523631,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","aws-secretsmanager","envrionment-configuration","python","secret-management","settings-management"],"created_at":"2024-11-11T03:08:14.113Z","updated_at":"2026-04-10T05:02:41.698Z","avatar_url":"https://github.com/gdoermann.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"Super Secret Library\n====================\nA simple library for managing tiered AWS Secrets, parsing secret types, and merging secrets with envrionment variables. \n\n[![CircleCI](https://dl.circleci.com/status-badge/img/gh/gdoermann/supersecret/tree/main.svg?style=svg)](https://dl.circleci.com/status-badge/redirect/gh/gdoermann/supersecret/tree/main)\n\nAWS Secrets Manager is an amazing service that allows you to store secrets in a secure way.  \nThis package will allow you to load the secrets from AWS Secrets Manager.\n\n# Features\n* Parse secrets from AWS Secrets Manager\n* Lazy connection to AWS\n* Default to environment variables if secret key is not found (everything is optional!)\n* Environment variable overrides\n* Type casting (int, float, bool, list, dict, str)\n* Framework-agnostic, but integrates well with [Flask](https://flask.palletsprojects.com/en/1.1.x/) and [Django](https://www.djangoproject.com/)\n\n\n# Installation\n\n```bash\npip install supersecret\n```\n\nYou must have AWS credentials configured either through environment variables or through a credentials file.\nThis library uses boto3 to connect to AWS, so you can read more about that [here](https://boto3.amazonaws.com/v1/documentation/api/latest/guide/configuration.html).\n\n# Basic Usage\n\nAfter setting up some environment variables:\n```bash\n####################################\n# AWS Settings\n####################################\n# AWS Secret Manager Secret Name\nexport SECRET_NAME=Dev_Secret\n\n```\n\nNow you can use the library to parse the secret values:\n\n```python\nfrom supersecret import SecretManager\nfrom supersecret import fields\n\nsecret_manager = SecretManager(\"SECRET_NAME\", region_name=\"us-east-1\") # `region` is optional\n\n# If you want to force the secret manager to connect to AWS and parse the secret\nsecret_manager.load()\n\n# If not, when called, secret manager will connect to AWS and parse the secret\nsecret_key = secret_manager.str(\"SECRET_KEY\")\n\n# You can also type cast the value\nmax_connections = secret_manager.int(\"max_connections\", default=100)\ndefault_charge = secret_manager.float(\"default_charge\")\nsome_decimal = secret_manager.decimal(\"some_decimal\")\ndebug = secret_manager.bool(\"debug\")\n\nallowed_hosts = secret_manager.list(\"allowed_hosts\", delimiter=\",\", subcast=fields.Str)\nadmins = secret_manager.choices(\"admins\")\n\ndatetime_modified = secret_manager.datetime(\"datetime_modified\", format=\"%Y-%m-%d %H:%M:%S\")\ncreated_date = secret_manager.date(\"created_date\", format=\"%Y-%m-%d\")\n\ndefault_start_time = secret_manager.time(\"default_start_time\", format=\"%H:%M:%S\")\ndefault_end_time = secret_manager.time(\"default_end_time\", format=\"%H:%M:%S\")\n\nmin_time_between_calls = secret_manager.timedelta(\"time_between_calls\")\nmax_time_between_calls = secret_manager.timedelta_seconds(\"max_time_between_calls\") # parse from seconds\n\nservice_uuid = secret_manager.uuid(\"service_id\", version=1)\nlog_level = secret_manager.log_level(\"log_level\")\n\nmedia_path = secret_manager.path(\"media_path\") # Parses to pathlib.Path object\n\n# Parsing a dictionary is a little different. Keys must all start with the same prefix.\n# The prefix is removed from the key when parsing the dictionary and the `dict` method returns\n# an AttrDict object.  Prefix should be formatted as follows: \"PREFIX__KEY\"\n\ndatabase_settings = secret_manager.dict(\"database_settings\", subcast_keys=fields.Str, subcast_values=fields.Int)\n\n```\n\nIf a value does not exist in the secret file, we will check the environment variables for a value.\nIf no value is found, you can specify a default value to return. \nIf no default value is specified, we will raise a `KeyError`.\n\n\n# Supported Types\n* `str`: String - This is the default type\n* `int`: Integer\n* `float`: Float\n* `decimal`: decimal.Decimal\n* `bool`: Boolean\n* `list`: List - You can specify a `delimiter` and a `subcast` type for list elements\n* `choices`: List[tuple] - You can specify a `delimiter` and a `subcast` type for list elements. Returns the form: [(key, value), (key, value)]\n* `datetime`: datetime.datetime - You can specify a `format` for the datetime string\n* `date`: datetime.date - You can specify a `format` for the date string\n* `time`: datetime.time - You can specify a `format` for the time string\n* `timedelta`: datetime.timedelta - Format must be in the form: \"HH:MM:SS\"\n* `timedelta_seconds`: datetime.timedelta - Parses from seconds\n* `uuid`: uuid.UUID - You can specify a `version` for the UUID. 1=Time-based, 3=Name-based, 4=Random, 5=Name-based\n* `log_level`: int - Parses a log level string to an int\n* `path`: pathlib.Path - Parses a string to a pathlib.Path object\n* `dict`: AttrDict - You can specify a `prefix` for the dictionary keys, a `subcast_keys` type, and a `subcast_values` type\n\n\n# Advanced Usage\n## Multiple Secret Merging\nYou can merge multiple secrets into a single secret manager.  \nThis is useful if you have multiple secrets you want to read from AWS manager and merge the values into a single object.\nAn example of this is if you have a `default` secret that has all the standard settings and then a `service` secret that has\nservice specific settings that may override the default settings.\n\n```python\nfrom supersecret.manager import SecretManager\n\nsecret_manager = SecretManager(\n    default_secret_name=\"my_default_secret\",\n    region_name=\"us-east-1\"\n)\n\nsecret_manager.load(\"second_secret\") # Loads with the same profile and region as the default secret\n\n# You can also connect to a completely different aws environment\nfrom botocore.config import Config\nimport boto3\n\nmy_config = Config(\n    region_name = 'us-west-2',\n    signature_version = 'v4',\n    retries = {\n        'max_attempts': 10,\n        'mode': 'standard'\n    }\n)\n\nnew_client = boto3.client('secretsmanager', config=my_config)\n\nsecret_manager.load(\"service\", client=new_client) # Loads from a completely different AWS environment/config\n\n```\n\nWhen you `load` a new secret, it will override any values in the existing secret. \nThe multi secret manager behaves like a single secret manager, so you can use the same methods to parse values.\n\n\n\n# Dependencies\nThis package requires the following libraries:\n* [boto3](https://boto3.amazonaws.com/v1/documentation/api/latest/index.html) library to connect to AWS.\n* [marshmallow](https://marshmallow.readthedocs.io/en/stable/) library to type cast values.\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgdoermann%2Fsupersecret","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgdoermann%2Fsupersecret","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgdoermann%2Fsupersecret/lists"}