How to use Boto3 to add tags in specified AWS secrets

Problem Statement: Use boto3 library in Python to add tags in AWS secret.

Approach/Algorithm to solve this problem

• Step 1: Import boto3 and botocore exceptions to handle exceptions.

• Step 2: secret_location and tags_dict are the required parameters in this function. tags_dict should be as {“key”:”value”,..}

• Step 3: Create an AWS session using boto3 lib. Make sure region_name is mentioned in the default profile. If it is not mentioned, then explicitly pass the region_name while creating the session.

• Step 4: Create an AWS client for secretmanager.

• Step 5: Now use tag_resource function and pass the parameter secret_location as SecretId and tags_dict as Tags.

• Step 6: It returns the response metadata and add tags in the resources.

• Step 7: Handle the generic exception if something went wrong while adding tags.

Example Code

Use the following code to add tag −

import boto3
from botocore.exceptions import ClientError

def add_tags_in_resource(secret_location, tags_dict)
   session = boto3.session.Session()
   client = session.client('secretmanager')
   try:
      response = client.tag_resource(SecretId= secret_location,Tags=tags_dict)
   return response
   except ClientError as e:
      raise Exception("boto3 client error in add_tags_in_resource: " + e.__str__())
   except Exception as e:
      raise Exception("Unexpected error in add_tags_in_resource: " + e.__str__())

tags_dict = [{"Key":"secret-test","Value":"test"}]
print(add_tags_in_resource("secrets/aws",tags_dict))

Output

{'ResponseMetadata': {'RequestId': 'c9f418b0-***************-fb96', 'HTTPStatusCode': 200, 'HTTPHeaders': {'date': 'Fri, 02 Apr 2021 08:04:54 GMT', 'content-type': 'application/x-amz-json-1.1', 'content-length': '27', 'connection': 'keep-alive', 'x-amzn-requestid': 'c9f418b0-******************-fb96'}, 'RetryAttempts': 0}}