ministryofjustice / aws-secrets-cache-php
AWS Secrets Manager caching for PHP (Laminas, APCu cache storage, ENV-prefixed secrets).
Installs: 6 422
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 0
Forks: 1
Open Issues: 2
pkg:composer/ministryofjustice/aws-secrets-cache-php
Requires
- php: ^8.2
- aws/aws-sdk-php: ^3.198
- laminas/laminas-cache: ^3.0
Requires (Dev)
- phpstan/phpstan: ^2.0
- phpunit/phpunit: ^10.5
- squizlabs/php_codesniffer: ^3.10
README
Reusable helper class to fetch secrets at runtime from AWS Secrets Manager with a cache to reduce duplicate requests.
Requires a pre-configured cache implementing StorageInterface from laminas-cache.
Installation
composer require ministryofjustice/aws-secrets-cache-php
Usage
use Aws\SecretsManager\SecretsManagerClient; use Laminas\Cache\Storage\StorageInterface; use MoJ\AwsSecretsCache\AwsSecretsCache; $storage = /** instanceof StorageInterface */; $smClient = new SecretsManagerClient([...]); $secretsCache = new AwsSecretsCache(null, $storage, $smClient); $mySecret = $secretsCache->getValue('my-secret');
The first parameter optionally defines a namespace that will apply to all secrets retrieved by that instance of the class. The following example would return the secret named namespace/my-secret:
$secretsCache = new AwsSecretsCache('namespace', ...); $myNamespacedSecret = $secretsCache->getValue('my-secret');
You can use clearCache to remove an item from the underlying cache:
$mySecret = $secretsCache->getValue('my-secret'); $secretsCache->clearCache('my-secret'); $mySecret = $secretsCache->getValue('my-secret'); // Will fetch from AWS again
TTL must be implemented on the storage class, it is not applied by AwsSecretsCache.