async function checkSecretsManager()

in source/custom-resource/index.ts [418:459]


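/**
 * Validates that the named AWS Secrets Manager secret can be read and that its
 * JSON value contains the requested key.
 *
 * The lookup is attempted up to RETRY_COUNT times, sleeping for
 * getRetryTimeout(retry) between attempts. Every failure inside an attempt
 * (SDK error or validation error) is retried, and the last one is rethrown.
 *
 * This function logs and returns only the secret's name, key name and ARN.
 * Parse failures are replaced with a fixed message so that no part of the
 * secret value can reach logs or the caller through an error message.
 *
 * @param requestProperties - Supplies SecretsManagerName (used as the SecretId) and SecretsManagerKey.
 * @returns A confirmation message and the ARN reported by Secrets Manager.
 * @throws CustomResourceError when the name or key is blank, when the secret
 *   is not a JSON object, or when the key is missing from it; SDK errors from
 *   the final attempt are rethrown unchanged.
 */
async function checkSecretsManager(requestProperties: CheckSecretManagerRequestProperties): Promise<{ Message: string; ARN: string }> {
  const { SecretsManagerName, SecretsManagerKey } = requestProperties;

  if (isNullOrWhiteSpace(SecretsManagerName)) {
    throw new CustomResourceError('SecretNotProvided', 'You need to provide AWS Secrets Manager secret.');
  }

  if (isNullOrWhiteSpace(SecretsManagerKey)) {
    throw new CustomResourceError('SecretKeyNotProvided', 'You need to provide AWS Secrets Manager secret key.');
  }

  // NOTE(review): if RETRY_COUNT is ever less than 1 the loop body never runs and
  // an empty ARN is returned as "validated" — confirm RETRY_COUNT is always >= 1.
  let arn = '';

  for (let retry = 1; retry <= RETRY_COUNT; retry++) {
    try {
      const response = await secretsManager.getSecretValue({ SecretId: SecretsManagerName }).promise();

      // A secret stored without a string value has nothing to parse; report it
      // explicitly instead of letting JSON.parse fail on a non-string.
      if (typeof response.SecretString !== 'string') {
        throw new CustomResourceError('SecretInvalidFormat', 'AWS Secrets Manager secret must contain a JSON object.');
      }

      let secretJson: unknown;
      try {
        secretJson = JSON.parse(response.SecretString);
      } catch {
        // The SyntaxError raised by JSON.parse can quote an excerpt of its input
        // on some runtimes. That input is the secret value, so the original
        // error is dropped and a fixed message is raised in its place.
        throw new CustomResourceError('SecretInvalidFormat', 'AWS Secrets Manager secret must contain a JSON object.');
      }

      // Reject JSON primitives and null before the own-property check: null would
      // raise a TypeError, and a primitive can never carry the requested key.
      const hasKey =
        typeof secretJson === 'object' &&
        secretJson !== null &&
        Object.prototype.hasOwnProperty.call(secretJson, SecretsManagerKey);

      if (!hasKey) {
        throw new CustomResourceError('SecretKeyNotFound', `AWS Secrets Manager secret requires ${SecretsManagerKey} key.`);
      }

      arn = response.ARN;
      break;
    } catch (error) {
      if (retry === RETRY_COUNT) {
        // Only the secret name and key name are logged, never the value.
        console.error(`AWS Secrets Manager secret or signature might not exist: ${SecretsManagerName}/${SecretsManagerKey}`);

        throw error;
      } else {
        console.info('Waiting for retry...');

        await sleep(getRetryTimeout(retry));
      }
    }
  }

  return {
    Message: 'Secrets Manager validated.',
    ARN: arn
  };
}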