docs: wrote api docs for SecretsProvider

dreamorosi · dreamorosi · commit 268ea1e44898 · 2023-02-22T18:12:52.000+01:00
diff --git a/packages/parameters/src/secrets/SecretsProvider.ts b/packages/parameters/src/secrets/SecretsProvider.ts
@@ -9,6 +9,146 @@ import type {
   SecretsGetOptionsInterface
 } from '../types/SecretsProvider';
 
+/**
+ * ## Intro
+ * The Parameters utility provides a SecretsProvider that allows to retrieve secrets from AWS Secrets Manager.
+ * 
+ * ## Getting started
+ * 
+ * This utility supports AWS SDK v3 for JavaScript only. This allows the utility to be modular, and you to install only
+ * the SDK packages you need and keep your bundle size small.
+ * 
+ * To use the provider, you must install the Parameters utility and the AWS SDK v3 for JavaScript for Secrets Manager:
+ * 
+ * ```sh
+ * npm install @aws-lambda-powertools/parameters @aws-sdk/client-secrets-manager
+ * ```
+ *
+ * ## Basic usage
+ *
+ * @example
+ * ```typescript
+ * import { SecretsProvider } from '@aws-lambda-powertools/parameters/secrets';
+ * 
+ * const secretsProvider = new SecretsProvider();
+ * 
+ * export const handler = async (): Promise<void> => {
+ *   // Retrieve a single secret
+ *   const secret = await secretsProvider.get('my-secret');
+ * };
+ * ```
+ * 
+ * If you want to retrieve secrets without customizing the provider, you can use the {@link getSecret} function instead.
+ * 
+ * ## Advanced usage
+ * 
+ * ### Caching
+ * 
+ * By default, the provider will cache parameters retrieved in-memory for 5 seconds.
+ * You can adjust how long values should be kept in cache by using the `maxAge` parameter.
+ * 
+ * @example
+ * ```typescript
+ * import { SecretsProvider } from '@aws-lambda-powertools/parameters/secrets';
+ * 
+ * const secretsProvider = new SecretsProvider();
+ * 
+ * export const handler = async (): Promise<void> => {
+ *  // Retrieve a single secret and cache it for 10 seconds
+ *  const secret = await secretsProvider.get('my-secret', { maxAge: 10 });
+ * };
+ * ```
+ * 
+ * If instead you'd like to always ensure you fetch the latest parameter from the store regardless if already available in cache, use the `forceFetch` parameter.
+ * 
+ * @example
+ * ```typescript
+ * import { SecretsProvider } from '@aws-lambda-powertools/parameters/secrets';
+ * 
+ * const secretsProvider = new SecretsProvider();
+ * 
+ * export const handler = async (): Promise<void> => {
+ *   // Retrieve a single secret and always fetch the latest value
+ *   const secret = await secretsProvider.get('my-secret', { forceFetch: true });
+ * };
+ * ```
+ * 
+ * ### Transformations
+ * 
+ * For parameters stored in JSON or Base64 format, you can use the transform argument for deserialization.
+ * 
+ * @example
+ * ```typescript
+ * import { SecretsProvider } from '@aws-lambda-powertools/parameters/secrets';
+ * 
+ * const secretsProvider = new SecretsProvider();
+ * 
+ * export const handler = async (): Promise<void> => {
+ *  // Retrieve a single secret and deserialize it as JSON
+ *  const secret = await secretsProvider.get('my-secret', { transform: 'json' });
+ * };
+ * ```
+ * 
+ * ### Extra SDK options
+ * 
+ * When retrieving a secret, you can pass extra options to the AWS SDK v3 for JavaScript client by using the `sdkOptions` parameter.
+ * 
+ * @example
+ * ```typescript
+ * import { SecretsProvider } from '@aws-lambda-powertools/parameters/secrets';
+ * 
+ * const secretsProvider = new SecretsProvider();
+ * 
+ * export const handler = async (): Promise<void> => {
+ *   // Retrieve a single secret and pass extra options to the AWS SDK v3 for JavaScript client
+ *   const secret = await secretsProvider.get('my-secret', {
+ *     sdkOptions: {
+ *       VersionId: 1,
+ *     },
+ *   });
+ * };
+ * ```
+ * 
+ * This object accepts the same options as the [AWS SDK v3 for JavaScript Secrets Manager client](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-secrets-manager/interfaces/getsecretvaluecommandinput.html).
+ * 
+ * ### Customize AWS SDK v3 for JavaScript client
+ * 
+ * By default, the provider will create a new Secrets Manager client using the default configuration.
+ * 
+ * You can customize the client by passing a custom configuration object to the provider.
+ * 
+ * @example
+ * ```typescript
+ * import { SecretsProvider } from '@aws-lambda-powertools/parameters/secrets';
+ * 
+ * const secretsProvider = new SecretsProvider({
+ *  clientConfig: { region: 'eu-west-1' },
+ * });
+ * ```
+ * 
+ * This object accepts the same options as the [AWS SDK v3 for JavaScript Secrets Manager client](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-secrets-manager/interfaces/secretsmanagerclientconfig.html).
+ * 
+ * Otherwise, if you want to use a custom client altogether, you can pass it to the provider.
+ * 
+ * @example
+ * ```typescript
+ * import { SecretsProvider } from '@aws-lambda-powertools/parameters/secrets';
+ * import { SecretsManagerClient } from '@aws-sdk/client-secrets-manager';
+ * 
+ * const client = new SecretsManagerClient({ region: 'eu-west-1' });
+ * const secretsProvider = new SecretsProvider({
+ *  awsSdkV3Client: client,
+ * });
+ * ```
+ * 
+ * This object must be an instance of the [AWS SDK v3 for JavaScript Secrets Manager client](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-secrets-manager/classes/secretsmanagerclient.html).
+ * 
+ * For more usage examples, see [our documentation](https://awslabs.github.io/aws-lambda-powertools-typescript/latest/utilities/parameters/).
+ *
+ * @class
+ * @implements {BaseProvider}
+ * @see https://awslabs.github.io/aws-lambda-powertools-typescript/latest/utilities/parameters/
+ */
 class SecretsProvider extends BaseProvider {
   public client: SecretsManagerClient;
 
@@ -28,6 +168,32 @@ class SecretsProvider extends BaseProvider {
     
   }
 
+  /**
+   * Retrieve a secret from AWS Secrets Manager.
+   * 
+   * @example
+   * ```typescript
+   * import { SecretsProvider } from '@aws-lambda-powertools/parameters/secrets';
+   * 
+   * const secretsProvider = new SecretsProvider();
+   * 
+   * export const handler = async (): Promise<void> => {
+   *   // Retrieve a single secret
+   *   const secret = await secretsProvider.get('my-secret');
+   * };
+   * ```
+   * 
+   * You can customize the retrieval of the secret by passing options to the function:
+   * * `maxAge` - The maximum age of the value in cache before fetching a new one (in seconds) (default: 5)
+   * * `forceFetch` - Whether to always fetch a new value from the store regardless if already available in cache
+   * * `transform` - Whether to transform the value before returning it. Supported values: `json`, `base64`
+   * * `sdkOptions` - Extra options to pass to the AWS SDK v3 for JavaScript client
+   * 
+   * For usage examples check {@link SecretsProvider}.
+   * 
+   * @param {string} name - The name of the secret
+   * @param {SecretsGetOptionsInterface} options - Options to customize the retrieval of the secret
+   */
   public async get(
     name: string,
     options?: SecretsGetOptionsInterface
diff --git a/packages/parameters/src/secrets/getSecret.ts b/packages/parameters/src/secrets/getSecret.ts
@@ -2,6 +2,106 @@ import { DEFAULT_PROVIDERS } from '../BaseProvider';
 import { SecretsProvider } from './SecretsProvider';
 import type { SecretsGetOptionsInterface } from '../types/SecretsProvider';
 
+/**
+ * ## Intro
+ * The Parameters utility provides a SecretsProvider that allows to retrieve secrets from AWS Secrets Manager.
+ * 
+ * ## Getting started
+ * 
+ * This utility supports AWS SDK v3 for JavaScript only. This allows the utility to be modular, and you to install only
+ * the SDK packages you need and keep your bundle size small.
+ * 
+ * To use the provider, you must install the Parameters utility and the AWS SDK v3 for JavaScript for Secrets Manager:
+ * 
+ * ```sh
+ * npm install @aws-lambda-powertools/parameters @aws-sdk/client-secrets-manager
+ * ```
+ *
+ * ## Basic usage
+ *
+ * @example
+ * ```typescript
+ * import { getSecret } from '@aws-lambda-powertools/parameters/secrets';
+ * 
+ * export const handler = async (): Promise<void> => {
+ *   // Retrieve a single secret
+ *   const secret = await getSecret('my-secret');
+ * };
+ * ```
+ * 
+ * ## Advanced usage
+ * 
+ * ### Caching
+ * 
+ * By default, the provider will cache parameters retrieved in-memory for 5 seconds.
+ * You can adjust how long values should be kept in cache by using the `maxAge` parameter.
+ * 
+ * @example
+ * ```typescript
+ * import { getSecret } from '@aws-lambda-powertools/parameters/secrets';
+ * 
+ * export const handler = async (): Promise<void> => {
+ *  // Retrieve a single secret and cache it for 10 seconds
+ *  const secret = await getSecret('my-secret', { maxAge: 10 });
+ * };
+ * ```
+ * 
+ * If instead you'd like to always ensure you fetch the latest parameter from the store regardless if already available in cache, use the `forceFetch` parameter.
+ * 
+ * @example
+ * ```typescript
+ * import { getSecret } from '@aws-lambda-powertools/parameters/secrets';
+ * 
+ * export const handler = async (): Promise<void> => {
+ *   // Retrieve a single secret and always fetch the latest value
+ *   const secret = await getSecret('my-secret', { forceFetch: true });
+ * };
+ * ```
+ * 
+ * ### Transformations
+ * 
+ * For parameters stored in JSON or Base64 format, you can use the transform argument for deserialization.
+ * 
+ * @example
+ * ```typescript
+ * import { getSecret } from '@aws-lambda-powertools/parameters/secrets';
+ * 
+ * export const handler = async (): Promise<void> => {
+ *  // Retrieve a single secret and deserialize it as JSON
+ *  const secret = await getSecret('my-secret', { transform: 'json' });
+ * ```
+ * 
+ * ### Extra SDK options
+ * 
+ * When retrieving a secret, you can pass extra options to the AWS SDK v3 for JavaScript client by using the `sdkOptions` parameter.
+ * 
+ * @example
+ * ```typescript
+ * import { getSecret } from '@aws-lambda-powertools/parameters/secrets';
+ * 
+ * export const handler = async (): Promise<void> => {
+ *   // Retrieve a single secret and pass extra options to the AWS SDK v3 for JavaScript client
+ *   const secret = await getSecret('my-secret', {
+ *     sdkOptions: {
+ *       VersionId: 1,
+ *     },
+ *   });
+ * };
+ * ```
+ * 
+ * This object accepts the same options as the [AWS SDK v3 for JavaScript Secrets Manager client](https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-secrets-manager/interfaces/getsecretvaluecommandinput.html).
+ * 
+ * ### Built-in provider class
+ *
+ * For greater flexibility such as configuring the underlying SDK client used by built-in providers, you can use the {@link SecretsProvider} class.
+ *
+ * For more usage examples, see [our documentation](https://awslabs.github.io/aws-lambda-powertools-typescript/latest/utilities/parameters/).
+ *
+ *
+ * @param {string} name - The name of the secret to retrieve
+ * @param {SecretsGetOptionsInterface} options - Options to configure the provider
+ * @see https://awslabs.github.io/aws-lambda-powertools-typescript/latest/utilities/parameters/
+ */
 const getSecret = async (name: string, options?: SecretsGetOptionsInterface): Promise<undefined | string | Uint8Array | Record<string, unknown>> => {
   if (!DEFAULT_PROVIDERS.hasOwnProperty('secrets')) {
     DEFAULT_PROVIDERS.secrets = new SecretsProvider();
diff --git a/packages/parameters/src/types/SecretsProvider.ts b/packages/parameters/src/types/SecretsProvider.ts
@@ -11,8 +11,19 @@ interface SecretsProviderOptionsWithClientInstance {
   clientConfig?: never
 }
 
+/**
+ * Options to configure the SecretsProvider.
+ */
 type SecretsProviderOptions = SecretsProviderOptionsWithClientConfig | SecretsProviderOptionsWithClientInstance;
 
+/**
+ * Options to configure the retrieval of a secret.
+ * 
+ * @property {number} maxAge - Maximum age of the value in the cache, in seconds.
+ * @property {boolean} forceFetch - Force fetch the value from the parameter store, ignoring the cache.
+ * @property {Omit<Partial<GetSecretValueCommandInput>, 'SecretId'>} sdkOptions - Options to pass to the underlying SDK.
+ * @property {TransformOptions} transform - Transform to be applied, can be 'json' or 'binary'.
+ */
 interface SecretsGetOptionsInterface extends GetOptionsInterface {
   sdkOptions?: Omit<Partial<GetSecretValueCommandInput>, 'SecretId'>
 }
