Added secretsmanager secrets

client/client.go

@@ -51,6 +51,7 @@ import (
 	"github.com/aws/aws-sdk-go-v2/service/s3"
 	s3control "github.com/aws/aws-sdk-go-v2/service/s3control"
 	"github.com/aws/aws-sdk-go-v2/service/sagemaker"
+	"github.com/aws/aws-sdk-go-v2/service/secretsmanager"
 	"github.com/aws/aws-sdk-go-v2/service/sns"
 	"github.com/aws/aws-sdk-go-v2/service/sqs"
 	"github.com/aws/aws-sdk-go-v2/service/ssm"
@@ -130,6 +131,7 @@ type Services struct {
 	S3Manager            S3ManagerClient
 	SSM                  SSMClient
 	SageMaker            SageMakerClient
+	SecretsManager       SecretsManagerClient
 	SQS                  SQSClient
 	Apigateway           ApigatewayClient
 	Apigatewayv2         Apigatewayv2Client
@@ -394,6 +396,7 @@ func initServices(region string, c aws.Config) Services {
 		S3Control:            s3control.NewFromConfig(awsCfg),
 		S3Manager:            newS3ManagerFromConfig(awsCfg),
 		SageMaker:            sagemaker.NewFromConfig(awsCfg),
+		SecretsManager:       secretsmanager.NewFromConfig(awsCfg),
 		SNS:                  sns.NewFromConfig(awsCfg),
 		SSM:                  ssm.NewFromConfig(awsCfg),
 		SQS:                  sqs.NewFromConfig(awsCfg),

client/services.go

@@ -41,6 +41,7 @@ import (
 	"github.com/aws/aws-sdk-go-v2/service/s3"
 	s3control "github.com/aws/aws-sdk-go-v2/service/s3control"
 	"github.com/aws/aws-sdk-go-v2/service/sagemaker"
+	"github.com/aws/aws-sdk-go-v2/service/secretsmanager"
 	"github.com/aws/aws-sdk-go-v2/service/sns"
 	"github.com/aws/aws-sdk-go-v2/service/sqs"
 	"github.com/aws/aws-sdk-go-v2/service/ssm"
@@ -490,3 +491,10 @@ type CodebuildClient interface {
 	BatchGetProjects(ctx context.Context, params *codebuild.BatchGetProjectsInput, optFns ...func(*codebuild.Options)) (*codebuild.BatchGetProjectsOutput, error)
 	ListProjects(ctx context.Context, params *codebuild.ListProjectsInput, optFns ...func(*codebuild.Options)) (*codebuild.ListProjectsOutput, error)
 }
+
+//go:generate mockgen -package=mocks -destination=./mocks/mock_secrets_manager.go . SecretsManagerClient
+type SecretsManagerClient interface {
+	ListSecrets(ctx context.Context, params *secretsmanager.ListSecretsInput, optFns ...func(*secretsmanager.Options)) (*secretsmanager.ListSecretsOutput, error)
+	DescribeSecret(ctx context.Context, params *secretsmanager.DescribeSecretInput, optFns ...func(*secretsmanager.Options)) (*secretsmanager.DescribeSecretOutput, error)
+	GetResourcePolicy(ctx context.Context, params *secretsmanager.GetResourcePolicyInput, optFns ...func(*secretsmanager.Options)) (*secretsmanager.GetResourcePolicyOutput, error)
+}

docs/tables/aws_secretsmanager_secrets.md

@@ -0,0 +1,26 @@
+
+# Table: aws_secretsmanager_secrets
+A structure that contains the details about a secret
+## Columns
+| Name        | Type           | Description  |
+| ------------- | ------------- | -----  |
+|account_id|text|The AWS Account ID of the resource.|
+|region|text|The AWS Region of the resource.|
+|policy|jsonb|A JSON-formatted string that describes the permissions that are associated with the attached secret.|
+|replication_status|jsonb|A replication object consisting of a RegionReplicationStatus object and includes a Region, KMSKeyId, status, and status message.|
+|arn|text|The Amazon Resource Name (ARN) of the secret|
+|created_date|timestamp without time zone|The date and time when a secret was created.|
+|deleted_date|timestamp without time zone|The date and time the deletion of the secret occurred|
+|description|text|The user-provided description of the secret.|
+|kms_key_id|text|The ARN or alias of the Amazon Web Services KMS customer master key (CMK) used to encrypt the SecretString and SecretBinary fields in each version of the secret|
+|last_accessed_date|timestamp without time zone|The last date that this secret was accessed|
+|last_changed_date|timestamp without time zone|The last date and time that this secret was modified in any way.|
+|last_rotated_date|timestamp without time zone|The most recent date and time that the Secrets Manager rotation process was successfully completed|
+|name|text|The friendly name of the secret|
+|owning_service|text|Returns the name of the service that created the secret.|
+|primary_region|text|The Region where Secrets Manager originated the secret.|
+|rotation_enabled|boolean|Indicates whether automatic, scheduled rotation is enabled for this secret.|
+|rotation_lambda_arn|text|The ARN of an Amazon Web Services Lambda function invoked by Secrets Manager to rotate and expire the secret either automatically per the schedule or manually by a call to RotateSecret.|
+|rotation_rules_automatically_after_days|bigint|Specifies the number of days between automatic scheduled rotations of the secret|
+|secret_versions_to_stages|jsonb|A list of all of the currently assigned SecretVersionStage staging labels and the SecretVersionId attached to each one|
+|tags|jsonb|The list of user-defined tags associated with the secret|

go.mod

@@ -137,7 +137,7 @@ require (
 )
 
 require (
-	github.com/aws/aws-sdk-go v1.17.7
+	github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.10.1
 	github.com/aws/aws-sdk-go-v2/service/ssm v1.16.0
 )
 

go.sum

@@ -253,6 +253,8 @@ github.com/aws/aws-sdk-go-v2/service/s3control v1.14.1 h1:Nmcb6pxJtjJof+mmF9TJvy
 github.com/aws/aws-sdk-go-v2/service/s3control v1.14.1/go.mod h1:dTnxIRqR69JUZobQDUh47rlbYe8PzTd0k4o+gDkHeV4=
 github.com/aws/aws-sdk-go-v2/service/sagemaker v1.19.1 h1:cy6fUlP94vzD/0VUD3SWGUBfYrOr+zP+ChsTxUtZydQ=
 github.com/aws/aws-sdk-go-v2/service/sagemaker v1.19.1/go.mod h1:G9AcXDbGtZVA8XBdmpbVQv1lvmiuk4I9n2MQlp1FJ9k=
+github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.10.1 h1:e0gg30cCKsNHV+WD17zbzipx5nYRrnb+4Y5wO5pap80=
+github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.10.1/go.mod h1:vUIn46AiFjPEm4/ALXV1weLTEWu37mF6OfLMw5vxG2Q=
 github.com/aws/aws-sdk-go-v2/service/sns v1.1.2 h1:1U/FujyBEkNwrvANUcZFuVnAQqy0EAUEGToso5Dcijs=
 github.com/aws/aws-sdk-go-v2/service/sns v1.1.2/go.mod h1:/vvAGyo3/TG5CSrJQarIlwzjE6O/DjBIvJTRkpYkvwA=
 github.com/aws/aws-sdk-go-v2/service/sqs v1.9.1 h1:8m+6iuSldxMrVQbjHRcWPnUxdpD3RCPtacmFFNkR4Vw=

resources/integration_tests/aws_secretsmanager_secrets_test.go

@@ -0,0 +1,28 @@
+package integration_tests
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/cloudquery/cq-provider-aws/resources"
+	providertest "github.com/cloudquery/cq-provider-sdk/provider/testing"
+)
+
+func TestIntegrationSecretsmanagerSecrets(t *testing.T) {
+	awsTestIntegrationHelper(t, resources.SecretsmanagerSecrets(), []string{"aws_secretsmanager_secrets.tf"}, func(res *providertest.ResourceIntegrationTestData) providertest.ResourceIntegrationVerification {
+		return providertest.ResourceIntegrationVerification{
+			Name: "aws_secretsmanager_secrets",
+			ExpectedValues: []providertest.ExpectedValue{{
+				Count: 1,
+				Data: map[string]interface{}{
+					"name": fmt.Sprintf("secretsmanager-secret-%s%s", res.Prefix, res.Suffix),
+					"tags": map[string]interface{}{
+						"TestId": res.Suffix,
+						"Type":   "integration_test",
+						"Name":   fmt.Sprintf("secretsmanager-secret-%s%s", res.Prefix, res.Suffix),
+					},
+				},
+			}},
+		}
+	})
+}