How do I use rotating secrets from AWS Secrets Manager with GE's datasource credentials?

rohit.parulkar · May 13, 2020, 6:04pm

Was able to figure this out with some help.

Configure the Redshift datasource to use environmental variables, as Eugene explained in this helpful post.

datasources:
    datawarehouse:
        class_name: SqlAlchemyDatasource
        data_asset_type:
            class_name: SqlAlchemyDataset
        module_name:
        credentials:
            drivername: postgresql+psycopg2
            host: myRedshiftHost
            port: '5439'
            database: myRedshiftDb
            username: ${GE_REDSHIFT_USERNAME}
            password: ${GE_REDSHIFT_PASSWORD}

Before invoking GE, set environmental variables using a separate python script. See this StackOverflow post for an explanation of how to do in boto3.

    cluster_creds = boto3.client('redshift').get_cluster_credentials(DbUser=RedshiftUser,
                                               DbName=RedshiftDb,
                                          ClusterIdentifier=RedshiftClusterId,
                                               AutoCreate=False)
os.environ['GE_REDSHIFT_USERNAME'] = cluster_creds['DbUser']
os.environ['GE_REDSHIFT_PASSWORD'] = cluster_creds['DbPassword']

Topic		Replies	Views
Environment variable substitution is not working for me when connecting GE to my database Archive	5	1635	October 29, 2020
Deploying Great Expectations with Google Cloud Composer (Hosted Airflow) Archive airflow , how-to	3	917	July 30, 2021
How to populate credentials from a secrets store Archive how-to , help-wanted	3	620	February 14, 2021
How to host Data Docs on GCS? Archive	6	809	May 15, 2020
GX Operator cannot locate my aws credentials GX Core Support airflow	0	28	September 12, 2024

How do I use rotating secrets from AWS Secrets Manager with GE's datasource credentials?

Related topics