From 5c78e63aa790cfea8b14014779fab6545418771a Mon Sep 17 00:00:00 2001
From: Zemuldo <danstan.otieno@gmail.com>
Date: Wed, 17 Apr 2024 19:02:20 +0300
Subject: [PATCH] adds docs for aws secret manager

---
 README.md                            | 14 ++++++++++++++
 lib/providers/aws_secrets_manager.ex | 17 ++++++++++++++++-
 2 files changed, 30 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 9a5c72a..bd0e2b0 100644
--- a/README.md
+++ b/README.md
@@ -87,6 +87,7 @@ You can configure:
 - Azure Keyvault
 - Azure Managed Identity
 - Google Secret Manager
+- AWS Secret Manager
 
 ## Provider Config
 
@@ -153,6 +154,19 @@ Using certificate. You can use `client_certificate_path` or `client_certificate_
   }
 ```
 
+AWS Secret Manager:
+
+Using secret access key. Using instance role is coming soon.
+
+  ```elixir
+  config :ex_secrets, :providers, %{
+        aws_secrets_manager: %{
+          access_key_id: "taccess_key_id",
+          secret_access_key: "secret_access_key"
+        }
+  }
+  ```
+
   Dotenv file:
 
   ```elixir
diff --git a/lib/providers/aws_secrets_manager.ex b/lib/providers/aws_secrets_manager.ex
index d5ea443..47e7785 100644
--- a/lib/providers/aws_secrets_manager.ex
+++ b/lib/providers/aws_secrets_manager.ex
@@ -2,7 +2,22 @@ defmodule ExSecrets.Providers.AwsSecretsManager do
   use ExSecrets.Providers.Base
 
   @moduledoc """
-  This module functions to access secrets in an Elixir application.
+  This module provides a provider for AWS Secrets Manager - https://aws.amazon.com/secrets-manager/
+  Code for authenticating with AWS has been has been forked from ex_aws See https://github.com/ex-aws/ex_aws
+
+  ## Configuration
+
+  ```elixir
+  config :ex_secrets, :providers, %{
+        aws_secrets_manager: %{
+          access_key_id: "taccess_key_id",
+          secret_access_key: "secret_access_key"
+        }
+      }
+  ```
+
+  Its is recomended to create an access key and secret access key for the access key with only the required permissions.
+  Limiting thye scope of the access key will help in reducing the risk of the access key being compromised.
   """
 
   @process_name :ex_secrets_aws_secrets_manager