Skip to content

Conversation

@leandrodamascena
Copy link
Contributor

@leandrodamascena leandrodamascena commented Jul 29, 2025

Issue number: #4200

Summary

Changes

This pull request implements batch secrets retrieval functionality for AWS Secrets Manager using the batch_get_secret_value API. The implementation introduces a new get_secrets_by_name() function that provides a interface similar to the existing get_parameters_by_name function, allowing users to retrieve multiple secrets in a single API call for significant performance improvements and cost optimization.

User experience

Before this change:

Users had to make individual API calls for each secret, resulting in poor performance and higher costs:

# 3 separate API calls - slow and expensive
db_password = get_secret("database/password")
api_key = get_secret("api/key") 
jwt_secret = get_secret("jwt/secret")

After this change:
Users can retrieve multiple secrets in a single API call with the same familiar interface:

# 1 API call for all secrets - fast and cost-effective
secrets = get_secrets_by_name([
    "database/password",
    "api/key", 
    "jwt/secret"
])
 
# With transforms and caching
secrets = get_secrets_by_name(
    names=["config-secret"],
    transform="json",
    max_age=600
)

Checklist

If your change doesn't seem to apply, please leave them unchecked.

Is this a breaking change?

RFC issue number: N/A - This is a non-breaking additive feature

Checklist:

  • Migration process documented (No migration needed - existing code continues to work unchanged)
  • Implement warnings (No warnings needed - this is purely additive functionality)

Acknowledgment

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

Disclaimer: We value your time and bandwidth. As such, any pull requests created on non-triaged issues might not be successful.

@leandrodamascena leandrodamascena requested a review from a team as a code owner July 29, 2025 14:13
@boring-cyborg boring-cyborg bot added documentation Improvements or additions to documentation tests labels Jul 29, 2025
@pull-request-size pull-request-size bot added the size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. label Jul 29, 2025
@leandrodamascena leandrodamascena self-assigned this Jul 29, 2025
@leandrodamascena leandrodamascena linked an issue Jul 29, 2025 that may be closed by this pull request
2 tasks
@github-actions github-actions bot added feature New feature or functionality and removed documentation Improvements or additions to documentation labels Jul 29, 2025
@boring-cyborg boring-cyborg bot added the documentation Improvements or additions to documentation label Jul 29, 2025
@github-actions github-actions bot removed the documentation Improvements or additions to documentation label Jul 29, 2025
@codecov
Copy link

codecov bot commented Jul 29, 2025

Codecov Report

❌ Patch coverage is 96.87500% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 96.34%. Comparing base (d997beb) to head (eb37d8d).
⚠️ Report is 2 commits behind head on develop.

Files with missing lines Patch % Lines
..._lambda_powertools/utilities/parameters/secrets.py 96.77% 0 Missing and 2 partials ⚠️
Additional details and impacted files
@@           Coverage Diff            @@
##           develop    #7058   +/-   ##
========================================
  Coverage    96.33%   96.34%           
========================================
  Files          275      275           
  Lines        12921    12980   +59     
  Branches       953      965   +12     
========================================
+ Hits         12448    12505   +57     
  Misses         367      367           
- Partials       106      108    +2     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@boring-cyborg boring-cyborg bot added the documentation Improvements or additions to documentation label Jul 29, 2025
@github-actions github-actions bot removed the documentation Improvements or additions to documentation label Jul 29, 2025
@boring-cyborg boring-cyborg bot added the documentation Improvements or additions to documentation label Jul 31, 2025
@leandrodamascena leandrodamascena requested review from dreamorosi and removed request for anafalcao July 31, 2025 09:34
@github-actions github-actions bot removed the documentation Improvements or additions to documentation label Jul 31, 2025
@boring-cyborg boring-cyborg bot added the documentation Improvements or additions to documentation label Jul 31, 2025
@github-actions github-actions bot removed the documentation Improvements or additions to documentation label Jul 31, 2025
@boring-cyborg boring-cyborg bot added the documentation Improvements or additions to documentation label Jul 31, 2025
@github-actions github-actions bot removed the documentation Improvements or additions to documentation label Jul 31, 2025
@sonarqubecloud
Copy link

@leandrodamascena leandrodamascena merged commit 88c309d into develop Jul 31, 2025
17 checks passed
@leandrodamascena leandrodamascena deleted the feat/batch-secrets branch July 31, 2025 15:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

feature New feature or functionality size/XL Denotes a PR that changes 500-999 lines, ignoring generated files. tests

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Feature request: Support for retrieving batch of secrets

2 participants