菜单
文档breadcrumb arrow Grafana k6breadcrumb arrow JavaScript APIbreadcrumb arrow jslibbreadcrumb arrow awsbreadcrumb arrow SecretsManagerClient
开源 RSS

SecretsManagerClient

SecretsManagerClient 与 AWS Secrets Manager 交互。

借助它,您可以执行多种操作,例如列出、创建和下载经身份验证用户拥有的密钥。有关支持操作的完整列表,请参阅方法

SecretsManagerClient 包含在专用的 jslib 包 secrets-manager.js 和包含所有服务客户端的 aws.js 中。

方法

函数描述
listSecrets()列出经身份验证用户拥有的密钥
getSecret(secretID)下载密钥
createSecret(name, secretString, description, [versionID], [tags])创建新密钥
putSecretValue(secretID, secretString, [versionID])更新密钥
deleteSecret(secretID, { recoveryWindow: 30, noRecovery: false}})删除密钥

抛出

S3 Client 方法在失败时会抛出错误。

Error条件
InvalidSignatureError当提供了无效凭证时。
SecretsManagerServiceError当 AWS 对请求的操作回复错误时。

示例

JavaScript 
import exec from 'k6/execution';

import {
  AWSConfig,
  SecretsManagerClient,
} from 'https://jslib.k6.io/aws/0.13.0/secrets-manager.js';

const awsConfig = new AWSConfig({
  region: __ENV.AWS_REGION,
  accessKeyId: __ENV.AWS_ACCESS_KEY_ID,
  secretAccessKey: __ENV.AWS_SECRET_ACCESS_KEY,
});

const secretsManager = new SecretsManagerClient(awsConfig);
const testSecretName = 'jslib-test-secret';
const testSecretValue = 'jslib-test-value';

export async function setup() {
  // Let's make sure our test secret is created
  const testSecret = await secretsManager.createSecret(
    testSecretName,
    testSecretValue,
    'this is a test secret, delete me.'
  );

  // List the secrets the AWS authentication configuration
  // gives us access to, and verify the creation was successful.
  const secrets = await secretsManager.listSecrets();
  if (!secrets.filter((s) => s.name === testSecret.name).length == 0) {
    exec.test.abort('test secret not found');
  }
}

export default async function () {
  // Knnowing that we know the secret exist, let's update its value
  const newTestSecretValue = 'new-test-value';
  await secretsManager.putSecretValue(testSecretName, newTestSecretValue);

  // Let's get its value and verify it was indeed updated
  const updatedSecret = await secretsManager.getSecret(testSecretName);
  if (updatedSecret.secret !== newTestSecretValue) {
    exec.test.abort('unable to update test secret');
  }

  // Let's now use our secret in the context of our load test...
}

export async function teardown() {
  // Finally, let's clean after ourselves and delete our test secret
  await secretsManager.deleteSecret(testSecretName, { noRecovery: true });
}