SecretsManagerClient
Open source
RSS
SecretsManagerClient
SecretsManagerClient
interacts with the AWS Secrets Manager.
With it, you can perform several operations such as listing, creating and downloading secrets owned by the authenticated user. For a full list of supported operations, see Methods.
SecretsManagerClient
is included in both the dedicated jslib secrets-manager.js
bundle, and the aws.js
one, containing all the services clients.
Methods
Function | Description |
---|---|
listSecrets() | List secrets owned by the authenticated user |
getSecret(secretID) | Download a secret |
createSecret(name, secretString, description, [versionID], [tags]) | Create a new secret |
putSecretValue(secretID, secretString, [versionID]) | Update a secret |
deleteSecret(secretID, { recoveryWindow: 30, noRecovery: false}}) | Delete a secret |
Throws
S3 Client methods will throw errors in case of failure.
Error | Condition |
---|---|
InvalidSignatureError | when invalid credentials were provided. |
SecretsManagerServiceError | when AWS replied to the requested operation with an error. |
Example
JavaScript
import exec from 'k6/execution';
import {
AWSConfig,
SecretsManagerClient,
} from 'https://jslib.k6.io/aws/0.12.3/secrets-manager.js';
const awsConfig = new AWSConfig({
region: __ENV.AWS_REGION,
accessKeyId: __ENV.AWS_ACCESS_KEY_ID,
secretAccessKey: __ENV.AWS_SECRET_ACCESS_KEY,
});
const secretsManager = new SecretsManagerClient(awsConfig);
const testSecretName = 'jslib-test-secret';
const testSecretValue = 'jslib-test-value';
export async function setup() {
// Let's make sure our test secret is created
const testSecret = await secretsManager.createSecret(
testSecretName,
testSecretValue,
'this is a test secret, delete me.'
);
// List the secrets the AWS authentication configuration
// gives us access to, and verify the creation was successful.
const secrets = await secretsManager.listSecrets();
if (!secrets.filter((s) => s.name === testSecret.name).length == 0) {
exec.test.abort('test secret not found');
}
}
export default async function () {
// Knnowing that we know the secret exist, let's update its value
const newTestSecretValue = 'new-test-value';
await secretsManager.putSecretValue(testSecretName, newTestSecretValue);
// Let's get its value and verify it was indeed updated
const updatedSecret = await secretsManager.getSecret(testSecretName);
if (updatedSecret.secret !== newTestSecretValue) {
exec.test.abort('unable to update test secret');
}
// Let's now use our secret in the context of our load test...
}
export async function teardown() {
// Finally, let's clean after ourselves and delete our test secret
await secretsManager.deleteSecret(testSecretName, { noRecovery: true });
}
Was this page helpful?
Related documentation
Related resources from Grafana Labs
Additional helpful documentation, links, and articles:
08 May

k6 1.0: How this long-awaited major release makes it easier to get started with testing
Grafana k6 v1.0 is here! k6 contributors will demonstrate features in the open source load testing tool, such as native extensibility (no more xk6 workarounds); the OpenAPI converter to streamline and automate the creation of TypeScript-based tests; and k6 Studio, a desktop application that simplifies performance testing for everyone.
60 min

Performance testing and observability in Grafana Cloud
In this webinar, learn how Grafana Cloud k6 offers you the best developer experience for performance testing.
60 min

User-centered observability: load testing, real user monitoring, and synthetics
Learn how to use load testing, synthetic monitoring, and real user monitoring (RUM) to understand end users' experience of your apps. Watch on demand.