Jacob Marcil
08/14/2023, 9:40 PMbest
way to configure AWS Secrets
in Dagster Resources
What I want is to store all my credentials in AWS Secrets
, and let Dagster
create the needed Resources
with the right AWS Secret
when the job run.
Right now, in the configuration I have, Dagster will load all Secrets as environment variables directly when It’s starts.
When I work on something that doesn’t requires any AWS Secrets, it’s sad that my configuration still need a valid AWS_PROFILE
configured in order to load the project and start dagster.
How do you guys deal with this issue?
Here’s what my configuration look like (For Snowflake
) :
I load all credentials to environment variables using boto3
manually
# Load snowflake credentials in environment variable
# before creating the ressources.
load_snowflake_credentials(DEPLOYMENT_NAME)
I then configure the needed Snowflake Config SHARED_SNOWFLAKE_CONF
SHARED_SNOWFLAKE_CONF = {
"account": os.getenv("SNOWFLAKE_ACCOUNT", ""),
"user": os.getenv("SNOWFLAKE_USER", ""),
"password": os.getenv("SNOWFLAKE_PASSWORD", ""),
"warehouse": os.getenv("SNOWFLAKE_WAREHOUSE", ""),
"database": os.getenv("SNOWFLAKE_DATABASE", ""),
"role": os.getenv("SNOWFLAKE_ROLE", ""),
}
And then attach that config to snowflake_io_manager
RESOURCES_LOCAL = {
"warehouse_io_manager": snowflake_io_manager.configured(
dict(**SHARED_SNOWFLAKE_CONF)
),
}
Is there a better way to do this that would allow me to still give my asset
a _`required_resource_keys`,_ but build it at run time instead?Zach
08/15/2023, 3:49 PM.configured()
at the global level. Something like
from dagster import resource
from dagster_snowflake import SnowflakeIOManager
@resource
def deferred_setup_snowflake_io_manager():
SHARED_SNOWFLAKE_CONF = {
"account": os.getenv("SNOWFLAKE_ACCOUNT", ""),
"user": os.getenv("SNOWFLAKE_USER", ""),
"password": os.getenv("SNOWFLAKE_PASSWORD", ""),
"warehouse": os.getenv("SNOWFLAKE_WAREHOUSE", ""),
"database": os.getenv("SNOWFLAKE_DATABASE", ""),
"role": os.getenv("SNOWFLAKE_ROLE", ""),
}
return SnowflakeIOManager(**SHARED_SNOWFLAKE_CONF)
Then the environment variables only get accessed when the snowflake IO manager gets used, instead of when your code is loadedsean
08/15/2023, 7:00 PMNathan Skone
10/17/2023, 7:38 PM