Secrets
A clearskies secrets manager.
Overview
This is the base class for all secrets implementations, providing a unified interface for secret operations across different backends. It manages secret retrieval, creation, and updates, and supports optional cache storage.
Cache Storage
The cache_storage parameter accepts an instance of a subclass of SecretCache. This enables flexible caching strategies, such as AWS Parameter Store, AWS Secrets Manager, Redis, or any other cache backend. Concrete implementations can be created as needed.
Example: Custom Cache Storage
from clearskies.secrets.cache_storage import SecretCache
import clearskies
class MyCache(SecretCache):
def get(self, path: str) -> str | None:
# Retrieve from your cache
return None
def set(self, path: str, value: str, ttl: int | None = None) -> None:
# Store in your cache
pass
def delete(self, path: str) -> None:
# Remove from your cache
pass
def clear(self) -> None:
# Clear all cached secrets
pass
secrets = clearskies.secrets.Akeyless(
access_id="p-abc123",
access_type="aws_iam",
cache_storage=MyCache(),
)
secret_value = secrets.get("/path/to/secret")
Attributes
cache_storage: Optional cache storage configuration (SecretCache subclass).