{"id":18930076,"url":"https://github.com/labd/mach-component-aws-commercetools-token-refresher","last_synced_at":"2025-04-15T15:31:17.403Z","repository":{"id":40367009,"uuid":"319676304","full_name":"labd/mach-component-aws-commercetools-token-refresher","owner":"labd","description":"Terraform module that runs a Lambda function to auto-refresh commercetools auth tokens in AWS Secrets Manager","archived":false,"fork":false,"pushed_at":"2023-10-18T02:02:12.000Z","size":60,"stargazers_count":3,"open_issues_count":6,"forks_count":1,"subscribers_count":9,"default_branch":"master","last_synced_at":"2025-03-28T22:51:11.113Z","etag":null,"topics":["commercetools","mach","terraform"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/labd.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-12-08T15:14:27.000Z","updated_at":"2023-02-04T06:13:22.000Z","dependencies_parsed_at":"2024-11-08T11:41:39.246Z","dependency_job_id":"6183c5fa-ca75-4087-ab0a-694bcdead30d","html_url":"https://github.com/labd/mach-component-aws-commercetools-token-refresher","commit_stats":null,"previous_names":[],"tags_count":7,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/labd%2Fmach-component-aws-commercetools-token-refresher","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/labd%2Fmach-component-aws-commercetools-token-refresher/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/labd%2Fmach-component-aws-commercetools-token-refresher/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/labd%2Fmach-component-aws-commercetools-token-refresher/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/labd","download_url":"https://codeload.github.com/labd/mach-component-aws-commercetools-token-refresher/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249097902,"owners_count":21212372,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["commercetools","mach","terraform"],"created_at":"2024-11-08T11:36:28.745Z","updated_at":"2025-04-15T15:31:15.964Z","avatar_url":"https://github.com/labd.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Commercetools token refresher for AWS\n\nRefresh Commercetools access token secrets by asking for a new token. 10 minutes after initial token request the Commercetools API returns a new token.\nThey both still work until their expiry date.\n\nThis component is for AWS, there is also a [GCP version](https://github.com/mach-composer/mach-component-gcp-commercetools-token-refresher)\n\n## Usage\n\n\nUse the following attributes to configure this component in MACH:\n\n```yaml\nsites:\n  - identifier: some site\n    components:\n    - name: ct-refresher\n...\n\ncomponents:\n- name: ct-refresher\n  source: git::https://github.com/labd/mach-component-aws-commercetools-token-refresher.git//terraform\n  version: \u003cgit hash of version you want to release\u003e\n  integrations: [\"aws\", \"commercetools\", \"sentry\"]\n```\n\nOther components must configure their commercetools secrets with a reference to this refresher.\n\n```terraform\nlocals {\n  ct_scopes = formatlist(\"%s:%s\", [\n    \"manage_orders\",\n    \"view_orders\",\n    \"manage_payments\",\n    \"view_payments\"\n  ], var.ct_project_key)\n}\n\nmodule \"ct_secret\" {\n  source = \"git::https://github.com/labd/mach-component-aws-commercetools-token-refresher.git//terraform/secret\"\n\n  name   = \"\u003cyour-component-name\u003e\"\n  site   = var.site\n  scopes = local.ct_scopes\n\n  # Optional; KMS key to use for the secret\n  kms_key_id = \"\u003cyour-kms-key-id\u003e\"\n}\n```\n\nIn your lambda function you can pass the reference to the secretsmanager value as\n```\nCT_ACCESS_TOKEN_SECRET_NAME = module.ct_secret.name\n```\n\n### Running in VPC\n\nBy providing VPC information through the variables, the rotator lambda can be run within the VPC;\n\n```yaml\nsites:\n  - identifier: some site\n    components:\n    - name: ct-refresher\n      variables:\n        vpc:\n          id: \u003cyour-vpc-id\u003e\n          subnet_ids: \u003cyour-subnet-ids\u003e\n          ingress_subnet: \u003cyour-ingress-subnet\u003e\n```\n\n\n### Adding KMS keys\n\nKMS keys can be provided through the `kms_keys` object;\n\n\n```yaml\nsites:\n  - identifier: some site\n    components:\n    - name: ct-refresher\n      variables:\n        kms_keys:\n          cloudwatch: \u003ccloudwatch-kms-key\u003e\n          lambda: \u003clambda-kms-key\u003e\n          secretmanager: \u003csecretmanager-kms-key\u003e\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flabd%2Fmach-component-aws-commercetools-token-refresher","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Flabd%2Fmach-component-aws-commercetools-token-refresher","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Flabd%2Fmach-component-aws-commercetools-token-refresher/lists"}