1. aws_secrets.py
import boto3
from botocore.exceptions import ClientError
import json
import os
def get_secret():
secret_name = os.environ.get("AWS_SECRET_MANAGER")
region_name = os.environ.get("AWS_REGION")
session = boto3.session.Session()
client = session.client(
service_name='secretsmanager',
region_name=region_name
)
try:
get_secret_value_response = client.get_secret_value(
SecretId=secret_name
)
except ClientError as e:
raise e
secret = get_secret_value_response['SecretString']
return json.loads(secret)2. staging.py
from .base import *
from aws_secrets import get_secret
secrets = get_secret()
DEBUG = False
ALLOWED_HOSTS = ["ALB 엔드포인트 URL"]
DATABASES = {
"default": {
"ENGINE": "django.db.backends.mysql",
"NAME": secrets["STAGING_MYSQL_NAME"],
"USER": secrets["STAGING_MYSQL_USER"],
"PASSWORD": secrets["STAGING_MYSQL_PASSWORD"],
"HOST": secrets["STAGING_MYSQL_HOST"],
"PORT": secrets["STAGING_MYSQL_PORT"],
}
}production.py도 환경을 위와 같은 방식으로 셋팅한다.
3. Secrets Manager 생성
