From 31564960f46308006db67b21daf73c83c74d6da4 Mon Sep 17 00:00:00 2001
From: abk
Date: Thu, 25 May 2023 13:47:00 -0500
Subject: [PATCH 1/2] Lambda funcs to create the access_key and store in secrets mgr
---
create-accesskeys-foruser.py | 23 +++++++++++++++++++++++
keyvalue-store-in-secretsmgr.py | 18 ++++++++++++++++++
2 files changed, 41 insertions(+)
create mode 100644 create-accesskeys-foruser.py
create mode 100644 keyvalue-store-in-secretsmgr.py
diff --git a/create-accesskeys-foruser.py b/create-accesskeys-foruser.py
new file mode 100644
index 0000000..20fb6fe
--- /dev/null
+++ b/create-accesskeys-foruser.py
@@ -0,0 +1,23 @@
+import boto3
+
+def lambda_handler(event, context):
+ # Replace 'YOUR_USER_NAME' with the actual IAM user name
+ user_name = 'YOUR_USER_NAME'
+
+ # Create an IAM client
+ iam = boto3.client('iam')
+
+ # Create a new access key for the user
+ response = iam.create_access_key(UserName=user_name)
+
+ # Extract the new access key and secret access key
+ access_key_id = response['AccessKey']['AccessKeyId']
+ secret_access_key = response['AccessKey']['SecretAccessKey']
+
+ # Return the new access key details
+ return {
+ 'AccessKeyId': access_key_id,
+ 'SecretAccessKey': secret_access_key
+ }
+
+#Make sure to replace 'YOUR_USER_NAME' with the actual IAM user
diff --git a/keyvalue-store-in-secretsmgr.py b/keyvalue-store-in-secretsmgr.py
new file mode 100644
index 0000000..ced458a
--- /dev/null
+++ b/keyvalue-store-in-secretsmgr.py
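Review bot: In create-accesskeys-foruser.py the handler returns `SecretAccessKey` in its result, so the long-lived secret reaches whoever invokes the function and anything that records invocation results. Returning only the identifier, `return {'AccessKeyId': access_key_id}`, and writing the secret straight to its store would keep it out of that path. `create_access_key` is also called unconditionally. IAM allows two access keys per user, so repeated invocations will fail once the limit is reached and earlier keys stay active. Checking `iam.list_access_keys(UserName=user_name)['AccessKeyMetadata']` first would let the handler rotate or refuse instead.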
@@ -0,0 +1,18 @@
+import boto3
+
+def lambda_handler(event, context):
+ # Replace 'YOUR_SECRET_NAME' with the actual name of your secret in AWS Secrets Manager
+ secret_name = 'YOUR_SECRET_NAME'
+
+ # Replace 'YOUR_KEY' and 'YOUR_VALUE' with the actual key-value pair you want to store
+ key = 'YOUR_KEY'
+ value = 'YOUR_VALUE'
+
+ # Create a Secrets Manager client
+ client = boto3.client('secretsmanager')
+
+ # Create or update the secret with the key-value pair
+ response = client.put_secret_value(SecretId=secret_name, SecretString={key: value})
+
+ # Return the response
+ return response
From 676c5433d36eb5ed4ebbbcd528e5aa51704d4085 Mon Sep 17 00:00:00 2001
From: abk
Date: Thu, 25 May 2023 14:15:37 -0500
Subject: [PATCH 2/2] Create keys and call Mulesoft API endpoint
---
create-accesskeys-foruser.py | 21 ++++++++++++++++-----
1 file changed, 16 insertions(+), 5 deletions(-)
diff --git a/create-accesskeys-foruser.py b/create-accesskeys-foruser.py
index 20fb6fe..b635c8d 100644
--- a/create-accesskeys-foruser.py
+++ b/create-accesskeys-foruser.py
@@ -1,9 +1,13 @@ import boto3 +import requests def lambda_handler(event, context): # Replace 'YOUR_USER_NAME' with the actual IAM user name user_name = 'YOUR_USER_NAME' + # Replace 'YOUR_MULESOFT_ENDPOINT' with the actual MuleSoft endpoint URL + mulesoft_endpoint = 'YOUR_MULESOFT_ENDPOINT' + # Create an IAM client iam = boto3.client('iam')
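Review bot: In keyvalue-store-in-secretsmgr.py, `SecretString={key: value}` passes a dict where `put_secret_value` expects a string, so boto3 parameter validation should reject the call before any request is sent. Serialising the pair fixes it: `SecretString=json.dumps({key: value})`, with `import json` at the top. The comment says "Create or update", but `put_secret_value` only adds a version to a secret that already exists. The comment should say so, or the handler should fall back to `create_secret`. The value is a literal in the source, which puts the secret in the repository; taking it from `event` would avoid that.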
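Review bot: `mulesoft_endpoint` is the destination for a freshly issued secret key, yet it is a literal in the handler with no check on its scheme. Reading it from configuration and rejecting anything that is not TLS would make a mistyped or plain-http URL fail before a key is created, e.g. `if not mulesoft_endpoint.startswith('https://'): raise ValueError('MuleSoft endpoint must use https')`. Separately, `requests` is a third-party package. Unless it is bundled with the deployment package or supplied through a layer, `import requests` will probably fail when the function loads. lambda_handler continues past the end of this hunk.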
@@ -14,10 +18,17 @@ def lambda_handler(event, context): access_key_id = response['AccessKey']['AccessKeyId'] secret_access_key = response['AccessKey']['SecretAccessKey'] - # Return the new access key details + # Prepare the payload for the MuleSoft request + payload = { + 'access_key_id': access_key_id, + 'secret_access_key': secret_access_key + } + + # Make a POST request to the MuleSoft endpoint + response = requests.post(mulesoft_endpoint, json=payload) + + # Return the MuleSoft response return { - 'AccessKeyId': access_key_id, - 'SecretAccessKey': secret_access_key + 'statusCode': response.status_code, + 'body': response.text } - -#Make sure to replace 'YOUR_USER_NAME' with the actual IAM user
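Review bot: The `requests.post(mulesoft_endpoint, json=payload)` call has no timeout and its status is never checked, so a hung or failing endpoint leaves an active access key that no system holds while the handler still returns normally. The handler also returns `response.text`, which would hand the credentials to the invoker if the endpoint echoes its input, and the POST carries no authentication that is visible here. I would add a timeout, call `raise_for_status()`, delete the key when delivery fails, and return only the status code. Using a separate name for the HTTP result instead of reusing `response` would also read more clearly. lambda_handler starts above this hunk.

```python
    # … unchanged: payload construction …
    try:
        resp = requests.post(mulesoft_endpoint, json=payload, timeout=10)
        resp.raise_for_status()
    except requests.RequestException:
        # Delivery failed: remove the key so no unheld credential stays active.
        iam.delete_access_key(UserName=user_name, AccessKeyId=access_key_id)
        raise

    # Return only the status; the response body may echo the credentials.
    return {'statusCode': resp.status_code}
```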