g)dZddlZddlZddlmZmZmZddlZddlZddl m Z ddl m Z ddl mZmZddlmZddlmZd d lmZGd d e eZy) a This is a file for the AWS Secret Manager Integration Handles Async Operations for: - Read Secret - Write Secret - Delete Secret Relevant issue: https://github.com/BerriAI/litellm/issues/1883 Requires: * `os.environ["AWS_REGION_NAME"], * `pip install boto3>=1.28.57` N)AnyOptionalUnion)verbose_logger) BaseAWSLLM)_get_httpx_clientget_async_httpx_client)KeyManagementSystem)httpxSpecialProvider)BaseSecretManagerceZdZedZedeefdZ ddedee dee e e jfdeefd Z ddedee dee e e jfdeefd Z dded ed eedee dee e e jfde f d Z ddedeedee dee e e jfde f dZ ddeded eedee dee deeeeff dZy)AWSSecretsManagerV2c>dtjvr tdy)NAWS_REGION_NAMEz7Missing required environment variable - AWS_REGION_NAME)osenviron ValueError)clss b/var/www/openai/venv/lib/python3.12/site-packages/litellm/secret_managers/aws_secret_manager_v2.pyvalidate_environmentz(AWSSecretsManagerV2.validate_environment$s BJJ .VW W /use_aws_secret_managerc||dury |j|t_tjt_y#t $r}|d}~wwxYw)z Initialize AWSSecretsManagerV2 and sets litellm.secret_manager_client = AWSSecretsManagerV2() and litellm._key_management_system = KeyManagementSystem.AWS_SECRET_MANAGER NF)rlitellmsecret_manager_clientr AWS_SECRET_MANAGER_key_management_system Exception)rres rload_aws_secret_managerz+AWSSecretsManagerV2.load_aws_secret_manager)sS " )-Cu-L    $ $ &,/EG )-@-S-SG * G s9A A AAN secret_nameoptional_paramstimeoutreturncK|jd||\}}}ttjd|i} |j |||j dd{}|j |jdS7'#tj$r td t$r)} tjd t| Yd} ~ yd} ~ wwxYww) z Async function to read a secret from AWS Secrets Manager Returns: str: Secret value Raises: ValueError: If the secret is not found or an HTTP error occurs GetSecretValueactionr"r#r$ llm_providerparamsutf-8urlheadersdataN SecretStringTimeout error occurred1Error reading secret from AWS Secrets Manager: %s)_prepare_requestr r SecretManagerpostdecoderaise_for_statusjsonhttpxTimeoutExceptionrrr exceptionstr) selfr"r#r$ endpoint_urlr0body async_clientresponser s rasync_read_secretz%AWSSecretsManagerV2.async_read_secret9s'+&;&;##+'<' # gt .-;;w' ).. ' G8L/H  % % '==?>2 2  %% 756 6   $ $CSV    s@6C&B B &B CB &C/CCCCc.|dvrtj|S|jd||\}}}td|i} |j |||j d}|j dS#tj$r td tj$r=} tjd t| jjYd } ~ y d } ~ wt $r)} tjd t| Yd } ~ y d } ~ wwxYw) z Sync function to read a secret from AWS Secrets Manager Done for backwards compatibility with existing codebase, since get_secret is a sync function )AWS_ACCESS_KEY_IDAWS_SECRET_ACCESS_KEYr AWS_REGIONAWS_BEDROCK_RUNTIME_ENDPOINTr'r(r$)r,r-r.r2r3r4N)rgetenvr5rr7r8r:r;r<rHTTPStatusErrorrr=r>rCtextr) r?r"r#r$r@r0rA sync_clientrCr s rsync_read_secretz$AWSSecretsManagerV2.sync_read_secret`s   99[) )&*&;&;##+'<' # gt (w'  "'' ' G8L(H==?>2 2%% 756 6$$   $ $CAJJOO$      $ $CSV    s$5A770D'3C D+DD secret_value descriptionc Kddl}||d}|r||d<t|j|d<|jd||||\}} } t t j d|i } | j|| | jd  d{} | j| jS7$#tj$r'} td | jjd} ~ wtj $r td wxYww)a] Async function to write a secret to AWS Secrets Manager Args: secret_name: Name of the secret secret_value: Value to store (can be a JSON string) description: Optional description for the secret optional_params: Additional AWS parameters timeout: Request timeout rN)Namer2 DescriptionClientRequestToken CreateSecret)r)r"rOr# request_datar$r*r-r.HTTP error occurred: r3)uuidr>uuid4r5r r r6r7r8r9r:r;rKrrCrLr<)r?r"rOrPr#r$rXr1r@r0rArBrCerrs rasync_write_secretz&AWSSecretsManagerV2.async_write_secrets $ $\B "-D %(%6 !"&*&;&;!#%+ '<' # gt.-;;w' 7).. ' G8L/H  % % '==? "  $$ J4S\\5F5F4GHI I%% 756 6 7s<A$D'&B4 B2#B41D2B44D "C))"D  Drecovery_window_in_dayscK||d}|jd|||\}}}ttjd|i} | j |||j dd{} | j | jS7$#tj$r'} td | jjd} ~ wtj$r td wxYww) a Async function to delete a secret from AWS Secrets Manager Args: secret_name: Name of the secret to delete recovery_window_in_days: Number of days before permanent deletion (default: 7) optional_params: Additional AWS parameters timeout: Request timeout Returns: dict: Response from AWS Secrets Manager containing deletion details )SecretIdRecoveryWindowInDays DeleteSecret)r)r"r#rVr$r*r-r.NrWr3)r5r r r6r7r8r9r:r;rKrrCrLr<) r?r"r\r#r$r1r@r0rArBrCrZs rasync_delete_secretz'AWSSecretsManagerV2.async_delete_secrets*$$;  '+&;&;!#+ '<' # gt.-;;w' 7).. ' G8L/H  % % '==? "  $$ J4S\\5F5F4GHI I%% 756 6 7s:dictrfloatr;TimeoutrDrNr[intratuplerbytesr5rrrr#sXX Xd^  $+/9= %%"$%%u}} 456 % # %T+/9= 00"$0%u}} 456 0 # 0l&**.9= 171717c] 17 "$ 17 %u}} 456 17 17l23*.9= .7.7"*#.7"$ .7 %u}} 456 .7  .7h'+*.'+ 434343sm 43 "$ 43 tn 43 sC 43rr)__doc__r:rtypingrrrr;rlitellm._loggingr!litellm.llms.bedrock.base_aws_llmr&litellm.llms.custom_httpx.http_handlerrr litellm.proxy._typesr litellm.types.llms.custom_httpr base_secret_managerr rrrrrsE  '' +85?2F3*&7F3r