def create_secret()

in lambda/lambda_function.py [0:0]


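def create_secret(service_client, arn, token):
    """Create the AWSPENDING secret version for a rotation if it is missing.

    The function first confirms that the secret has an AWSCURRENT version,
    then looks for a version labelled AWSPENDING under the given token. If
    that version already exists nothing is written, so a retried rotation
    step with the same token does not replace the pending value. Otherwise a
    new random value is generated and stored as ``{"HEADERVALUE": "<value>"}``.

    Args:
        service_client (client): The secrets manager service client
        arn (string): The secret ARN or other identifier
        token (string): The ClientRequestToken associated with the secret version

    Raises:
        ResourceNotFoundException: If the secret with the specified arn and
            stage does not exist (raised by the AWSCURRENT lookup, which is
            deliberately not caught here).
    """
    import json  # local import keeps this function self-contained

    # Make sure the current secret exists. The returned value is discarded;
    # the call is used only as an existence check and any error propagates.
    service_client.get_secret_value(SecretId=arn, VersionStage="AWSCURRENT")

    # Now try to get the pending version; only a "not found" answer leads to
    # a new value being generated. Any other error propagates to the caller.
    try:
        service_client.get_secret_value(
            SecretId=arn,
            VersionId=token,
            VersionStage="AWSPENDING",
        )
    except service_client.exceptions.ResourceNotFoundException:
        # Generate a random password. Punctuation is excluded, so the value
        # is alphanumeric; length and remaining character classes are left
        # at the service defaults.
        passwd = service_client.get_random_password(ExcludePunctuation=True)

        # Serialise with json.dumps rather than string formatting so the
        # payload stays valid JSON whatever characters the value contains.
        # Compact separators keep the stored string identical to the
        # previous hand-built form for alphanumeric values.
        secret_string = json.dumps(
            {"HEADERVALUE": passwd["RandomPassword"]},
            separators=(",", ":"),
        )

        # Put the secret
        service_client.put_secret_value(
            SecretId=arn,
            ClientRequestToken=token,
            SecretString=secret_string,
            VersionStages=["AWSPENDING"],
        )

        # Log only the identifier and version token, never the secret value.
        logger.info(
            "createSecret: Successfully put secret for ARN %s and version %s.",
            arn,
            token,
        )
    else:
        logger.info("createSecret: Successfully retrieved secret for %s.", arn)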