fluidasserts.cloud.aws.secretsmanager module

AWS cloud checks (Secrets Manager).

fluidasserts.cloud.aws.secretsmanager.has_automatic_rotation_disabled(key_id, secret, retry=True)

Check if automatic rotation is enabled for AWS Secrets Manager secrets.

Parameters
  • key_id (str) – AWS Key Id.

  • secret (str) – AWS Key Secret.

Returns

  • OPEN if there are secrets with rotation disabled. key provided by KMS. Encryption enabled.

  • UNKNOWN on errors.

  • CLOSED otherwise.

Return type

fluidasserts.Result

fluidasserts.cloud.aws.secretsmanager.secrets_encrypted_with_default_keys(key_id, secret, retry=True)

Check if the secrets are encrypted using the default encryption key.

Parameters
  • key_id (str) – AWS Key Id.

  • secret (str) – AWS Key Secret.

Returns

  • OPEN if there are secrets encrypted with default key provided by KMS. Encryption enabled.

  • UNKNOWN on errors.

  • CLOSED otherwise.

Return type

fluidasserts.Result