The "Sticky Note" Problem
Welcome to Day 8. Today started the implementation of my AI Financial Agent. The first requirement is connecting to the Open Banking API (GoCardless).
To do this, I have a Secret ID and a Token. If I write these in my code, I am one git push away from a security disaster.
The Solution: AWS Secrets Manager
Today I learned how to decouple configuration from code.
Step 1: Create the Secret
I went to the AWS Console -> Secrets Manager -> Store a new secret. I entered my key/value pairs there.
Step 2: The IAM Role
My Lambda function needs permission to open that safe. I added a policy to my Lambda execution role: secretsmanager:GetSecretValue.
Step 3: The Python Code (Boto3)
Instead of a variable string, I used the Boto3 library:
Python
import boto3
def get_secret():
client = boto3.client('secretsmanager')
response = client.get_secret_value(SecretId='MyBankKey')
return response['SecretString']
Now, my code is clean, secure, and ready for production.
Top comments (0)