security.go
// All security services-related tagging functions
package main
import (
	"fmt"
	"log"
	"strings"

	"github.com/aws/aws-sdk-go/aws"
	"github.com/aws/aws-sdk-go/aws/arn"
	"github.com/aws/aws-sdk-go/aws/session"
	"github.com/aws/aws-sdk-go/service/secretsmanager"
)
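// tagsecret tags a secret maintained by the Secrets Manager.
//
// arnres is the parsed ARN of the secret, for example
//
//	arn:aws:secretsmanager:us-west-2:123456789102:secret:mysecret-123456
//
// whose Resource part has the form "secret:<name>-<suffix>". key and value
// are applied as a single tag. An error is returned when the resource part
// does not have that form, when no AWS session can be created, or when the
// TagResource call fails.
func tagsecret(arnres arn.ARN, key, value string) error {
	// resource types as per these docs:
	// https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_TagResource.html
	region := arnres.Region

	// Validate the resource part before indexing into it; an ARN without
	// "secret:<id>" must yield an error, not an index-out-of-range panic.
	parts := strings.SplitN(arnres.Resource, ":", 2)
	if len(parts) != 2 || parts[0] != "secret" || parts[1] == "" {
		return fmt.Errorf("unexpected Secrets Manager resource %q", arnres.Resource)
	}

	// Friendly name for the log line only: drop the trailing "-<suffix>".
	// Cutting at the LAST hyphen keeps names that themselves contain
	// hyphens intact ("prod-db-password-123456" -> "prod-db-password").
	secretname := parts[1]
	if i := strings.LastIndex(secretname, "-"); i > 0 {
		secretname = secretname[:i]
	}
	log.Printf("Tagging secret '%s' in region '%s' with %s:%s",
		secretname, region, key, value)

	// Return session failures to the caller instead of panicking, in line
	// with this function's error-returning signature.
	sess, err := session.NewSession()
	if err != nil {
		return err
	}
	svc := secretsmanager.New(sess, aws.NewConfig().WithRegion(region))

	// SecretId accepts either a name or an ARN. Passing the complete ARN
	// addresses exactly the secret the caller named, so a truncated or
	// ambiguous name can never cause a different secret to be tagged.
	_, err = svc.TagResource(&secretsmanager.TagResourceInput{
		SecretId: aws.String(arnres.String()),
		Tags: []*secretsmanager.Tag{
			{
				Key:   aws.String(key),
				Value: aws.String(value),
			},
		},
	})
	return err
}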