fixing fetch secret manager via arn

2019-11-23 09:29:30 +03:00 · 2019-11-23 09:29:30 +03:00 · b31f31d214
commit b31f31d214
parent 502957f1f9
2 changed files with 21 additions and 1 deletions
--- a/moto/secretsmanager/models.py
+++ b/moto/secretsmanager/models.py
@ -44,7 +44,15 @@ class SecretsManagerBackend(BaseBackend):
        return (dt - epoch).total_seconds()

    def get_secret_value(self, secret_id, version_id, version_stage):
-
+        # can fetch by both arn and by name
+        # but we are storing via name
+        # so we need to change the arn to name
+        # if it starts with arn then the secret id is arn
+        if secret_id.startswith("arn:aws:secretsmanager:%s" % self.region):
+            # split the arn by colon
+            # then get the last value which is the name appended with a random string
+            # then remove the random string
+            secret_id = '-'.join(secret_id.split(':')[-1].split('-')[:-1])
        if not self._is_valid_identifier(secret_id):
            raise SecretNotFoundException()

--- a/tests/test_secretsmanager/test_secretsmanager.py
+++ b/tests/test_secretsmanager/test_secretsmanager.py
@ -26,6 +26,18 @@ def test_get_secret_value():
    assert result["SecretString"] == "foosecret"


+@mock_secretsmanager
+def test_get_secret_value_by_arn():
+    conn = boto3.client("secretsmanager", region_name="us-west-2")
+
+    secret_value = "test_get_secret_value_by_arn"
+    result = conn.create_secret(
+        Name="java-util-test-password", SecretString=secret_value
+    )
+    result = conn.get_secret_value(SecretId=result["ARN"])
+    assert result["SecretString"] == secret_value
+
+
@mock_secretsmanager
 def test_get_secret_value_binary():
    conn = boto3.client("secretsmanager", region_name="us-west-2")