protected async createAndStoreSecret()

in packages/aws-rfdk/lib/lambdas/nodejs/x509-certificate/handlers.ts [111:156]


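  /**
   * Writes `args.data` to a Secrets Manager secret tracked in the database
   * table and returns that secret's ARN.
   *
   * The table is queried with `physicalId` as the primary key and `purpose` as
   * the sort key:
   *  - If an item exists, its `ARN` attribute selects the secret and the value
   *    is replaced with `args.data`. On this path `name`, `description`, `tags`
   *    and `encryptionKey` are not applied.
   *  - Otherwise a new secret is created from the arguments and its ARN is
   *    recorded in the table under the same keys.
   *
   * `args.data` is secret material; keep it out of logs and error messages.
   *
   * @param args - Table handle, lookup keys, and the secret's name, payload and metadata.
   * @returns The ARN of the secret that now holds `args.data`.
   * @throws Error if the stored item has no usable `ARN` attribute, or if secret
   *   creation yields no ARN. Rejections from the table or Secrets Manager
   *   calls propagate to the caller.
   */
  protected async createAndStoreSecret(args: {
    readonly database: CompositeStringIndexTable,
    readonly name: string;
    readonly physicalId: string;
    readonly purpose: string;
    readonly data: string | Buffer;
    readonly description: string;
    readonly tags: Array<{ Key: string, Value: string }>;
    readonly encryptionKey?: Key
  }): Promise<string> {
    const existingItem = await args.database.getItem({
      primaryKeyValue: args.physicalId,
      sortKeyValue: args.purpose,
    });

    if (existingItem) {
      // The ARN read back from the table decides which secret gets overwritten,
      // so check it at runtime instead of trusting a type assertion.
      const storedArn: unknown = existingItem.ARN;
      if (!storedArn) {
        throw Error("Database Item missing 'ARN' attribute");
      }
      if (typeof storedArn !== 'string') {
        throw Error("Database Item 'ARN' attribute is not a string");
      }
      const existingSecret = Secret.fromArn(storedArn, this.secretsManagerClient);
      await existingSecret.putValue(args.data);
      return storedArn;
    }

    const createdSecret = await Secret.create({
      name: args.name,
      client: this.secretsManagerClient,
      description: args.description,
      data: args.data,
      tags: args.tags,
      encryptionKey: args.encryptionKey,
    });
    if (!createdSecret || !createdSecret.arn) {
      throw Error('Could not create Secret');
    }
    const createdArn = createdSecret.arn;

    // NOTE(review): if this putItem rejects, the secret created above has no
    // table record and nothing in this method cleans it up. How putItem reacts
    // to allow_overwrite: false when an item already exists is not visible
    // here; confirm that callers handle the orphaned secret.
    await args.database.putItem({
      primaryKeyValue: args.physicalId,
      sortKeyValue: args.purpose,
      attributes: {
        ARN: createdArn,
      },
      allow_overwrite: false,
    });
    return createdArn;
  }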