Tcl
Tcl
AWS Secrets Manager - Get Secret Value
See more AWS Secrets Manager Examples
Retrieves the contents of the encrypted fields SecretString or SecretBinary from the specified version of a secret, whichever contains content.Chilkat Tcl Downloads
load ./chilkat.dll
set success 0
# This example requires the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.
# Sends the following sample request.
# Note: Chilkat will automatically add Content-Length, X-Amz-Date, Accept-Encoding, and Authorization
# POST / HTTP/1.1
# Host: secretsmanager.region.domain
# Accept-Encoding: identity
# X-Amz-Target: secretsmanager.GetSecretValue
# Content-Type: application/x-amz-json-1.1
# X-Amz-Date: <date>
# Authorization: AWS4-HMAC-SHA256 Credential=<credentials>,SignedHeaders=<headers>, Signature=<signature>
# Content-Length: <payload-size-bytes>
#
# {
# "SecretId": "MyTestDatabaseSecret",
# }
set rest [new_CkRest]
# Connect to the Amazon AWS REST server.
# such as https://secretsmanager.us-west-2.amazonaws.com/
set bTls 1
set port 443
set bAutoReconnect 1
set success [CkRest_Connect $rest "secretsmanager.us-west-2.amazonaws.com" $port $bTls $bAutoReconnect]
# Provide AWS credentials for the REST call.
set authAws [new_CkAuthAws]
CkAuthAws_put_AccessKey $authAws "AWS_ACCESS_KEY"
CkAuthAws_put_SecretKey $authAws "AWS_SECRET_KEY"
# the region should match our URL above..
CkAuthAws_put_Region $authAws "us-west-2"
CkAuthAws_put_ServiceName $authAws "secretsmanager"
CkRest_SetAuthAws $rest $authAws
# Use this online tool to generate code from sample JSON:
# Generate Code to Create JSON
set json [new_CkJsonObject]
CkJsonObject_UpdateString $json "SecretId" "MyTestDatabaseSecret2"
CkRest_AddHeader $rest "Content-Type" "application/x-amz-json-1.1"
CkRest_AddHeader $rest "X-Amz-Target" "secretsmanager.GetSecretValue"
set sbRequestBody [new_CkStringBuilder]
CkJsonObject_EmitSb $json $sbRequestBody
set sbResponseBody [new_CkStringBuilder]
set success [CkRest_FullRequestSb $rest "POST" "/" $sbRequestBody $sbResponseBody]
if {$success != 1} then {
puts [CkRest_lastErrorText $rest]
delete_CkRest $rest
delete_CkAuthAws $authAws
delete_CkJsonObject $json
delete_CkStringBuilder $sbRequestBody
delete_CkStringBuilder $sbResponseBody
exit
}
set respStatusCode [CkRest_get_ResponseStatusCode $rest]
puts "response status code = $respStatusCode"
set jResp [new_CkJsonObject]
CkJsonObject_put_EmitCompact $jResp 0
CkJsonObject_LoadSb $jResp $sbResponseBody
if {$respStatusCode >= 400} then {
puts "Response Status Code = $respStatusCode"
puts "Response Header:"
puts [CkRest_responseHeader $rest]
puts "Response Body:"
puts [CkJsonObject_emit $jResp]
delete_CkRest $rest
delete_CkAuthAws $authAws
delete_CkJsonObject $json
delete_CkStringBuilder $sbRequestBody
delete_CkStringBuilder $sbResponseBody
delete_CkJsonObject $jResp
exit
}
puts "Response Body:"
puts [CkJsonObject_emit $jResp]
# Sample response body:
# {
# "ARN":"arn:aws:secretsmanager:us-west-2:123456789012:secret:MyTestDatabaseSecret-a1b2c3",
# "CreatedDate":1.523477145713E9,
# "Name":"MyTestDatabaseSecret",
# "SecretString":"{\n \"username\":\"david\",\n \"password\":\"BnQw&XDWgaEeT9XGTT29\"\n}\n",
# "VersionId":"EXAMPLE1-90ab-cdef-fedc-ba987SECRET1"
# }
# Use this online tool to generate parsing code from sample JSON:
# Generate Parsing Code from JSON
set ARN [CkJsonObject_stringOf $jResp "ARN"]
set CreatedDate [CkJsonObject_stringOf $jResp "CreatedDate"]
set Name [CkJsonObject_stringOf $jResp "Name"]
set SecretString [CkJsonObject_stringOf $jResp "SecretString"]
set VersionId [CkJsonObject_stringOf $jResp "VersionId"]
delete_CkRest $rest
delete_CkAuthAws $authAws
delete_CkJsonObject $json
delete_CkStringBuilder $sbRequestBody
delete_CkStringBuilder $sbResponseBody
delete_CkJsonObject $jResp