Secrets Manager
This module provides secure access to a secret storage system.
It allows reading, writing, and deleting secrets, ensuring that sensitive data is handled with appropriate security measures. Access to the secret storage is controlled through API keys and requires authentication.
Important Security Notes:
- API Keys: API keys are used to authenticate with the secret storage. Treat API keys as highly sensitive credentials and never expose them in logs or public repositories.
- Encryption: Secrets are stored encrypted at rest and are only decrypted in memory when accessed by authorized users or processes.
- Access Control: This module should implement strict access control policies, limiting access to secrets based on user roles and permissions.
- Auditing: All operations (read, write, delete) should be logged for auditing purposes, recording the user, timestamp, and operation details.
- Error Handling: The module should handle potential errors gracefully, such as authentication failures, invalid secrets, or storage errors, without revealing sensitive information in error messages.
- Dependencies: Be extremely cautious when adding external dependencies to minimize the risk of supply-chain attacks.
Methods
read
Reads a secret from the secret storage.
Args:
path (str): The path to the secret to read.
Returns:
str: The value of the secret if found, otherwise None.
Raises:
RuntimeError: If there is an error accessing the secret storage.
Security:
- Only returns the secret to authorized users or processes.
- Logs the read operation for auditing.
write
Writes or updates a secret in the secret storage.
Args:
path (str): The name of the secret to write.
value (str): The value of the secret.
group (str): The group that has access to the secret.
permissions (str): The permissions for the group, resembling Unix-style permissions. Example: "rwrw--", which means that owner and group can read and write, while others can't do anything.
environment (str): The environment to write the secret to. Only a member of the secrets_admin group can write to environments other than dev.
Raises:
RuntimeError: If there is an error accessing the secret storage.
Security:
- Only allows authorized users or processes to write secrets.
- Logs the write operation for auditing.
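The permission string and the environment rule documented for write can be checked as follows. This is an added example, not code from dt.secrets: the Caller type, the owner argument and the first-match evaluation order (borrowed from Unix file permissions) are assumptions, since the page documents only the string format and the secrets_admin rule.

```python
import re
from dataclasses import dataclass

# Assumed format: three two-character slots (owner, group, others),
# each slot being "r" or "-" followed by "w" or "-", e.g. "rwrw--".
_PERM_RE = re.compile(r"(?:[r-][w-]){3}")


@dataclass(frozen=True)
class Caller:
    """Hypothetical caller identity; not a type provided by dt.secrets."""
    user: str
    groups: frozenset


def parse_permissions(permissions: str) -> dict:
    """Split a string such as "rwr---" into per-class sets of allowed operations."""
    if not _PERM_RE.fullmatch(permissions):
        # Reject instead of guessing: a malformed string must never widen access.
        raise ValueError("malformed permission string")
    slots = [permissions[i:i + 2] for i in range(0, 6, 2)]
    classes = ("owner", "group", "others")
    return {cls: set(slot) - {"-"} for cls, slot in zip(classes, slots)}


def is_allowed(caller: Caller, op: str, owner: str, group: str, permissions: str) -> bool:
    """Return True if caller may perform op ("r" or "w") on the secret."""
    perms = parse_permissions(permissions)
    # Assumed Unix-style evaluation: the first matching class decides,
    # so an owner with "--" is denied even if the group slot grants access.
    if caller.user == owner:
        cls = "owner"
    elif group in caller.groups:
        cls = "group"
    else:
        cls = "others"
    return op in perms[cls]


def may_write_environment(caller: Caller, environment: str) -> bool:
    """Rule from the write docs: only secrets_admin members write outside dev."""
    return environment == "dev" or "secrets_admin" in caller.groups
```
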
delete
Deletes a secret from the secret storage.
Args:
path (str): The name of the secret to delete.
Raises:
RuntimeError: If there is an error accessing the secret storage.
Security:
- Only allows authorized users or processes to delete secrets.
- Logs the delete operation for auditing.
Usage Example:
import dt.secrets
# Read a secret
secret_value = dt.secrets.read("my_secret_name")
print(f"The value of my_secret_name is: {secret_value}")
# Write a secret
dt.secrets.write("another_secret", "this_is_the_secret_value", group="dtusers", permissions="rwr---")
# Delete a secret
dt.secrets.delete("another_secret")
# Trying to read a non-existent secret raises a RuntimeError
try:
    print(dt.secrets.read('another_secret'))
except RuntimeError as e:
    assert str(e) == 'No entry found for key: another_secret'