From f02be0dd2ccce142a15e5767a5e9606b34c33f2f Mon Sep 17 00:00:00 2001
From: Hassan <hassan.javeed84@gmail.com>
Date: Tue, 22 Oct 2024 18:27:49 +0500
Subject: [PATCH] chore: Use secrets manager to pull decryption keys.

---
 dataeng/resources/remote-config.sh | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/dataeng/resources/remote-config.sh b/dataeng/resources/remote-config.sh
index 697934c31..2b89a110a 100644
--- a/dataeng/resources/remote-config.sh
+++ b/dataeng/resources/remote-config.sh
@@ -117,11 +117,7 @@ for DEPLOYMENT in edx edge; do
     # First, fetch the decryption key for the given deployment.
     #
     # FYI: in bash, double carets after a variable name capitalizes the string.
-    vault kv get \
-        -version=${REMOTE_CONFIG_DECRYPTION_KEYS_VAULT_KV_VERSION} \
-        -field=PROD_${DEPLOYMENT^^}_PRIVATE_KEY \
-        ${REMOTE_CONFIG_DECRYPTION_KEYS_VAULT_KV_PATH} \
-        >${DECRYPTION_KEY_PATH}
+    aws secretsmanager get-secret-value --secret-id remote-config/prod-decryption-keys --region us-east-1 --query SecretString --output text | jq -r ".PROD_${DEPLOYMENT^^}_PRIVATE_KEY" >${DECRYPTION_KEY_PATH}
 
     # Now that we have the decryption key, decrypt lms and studio configs:
     asym_crypto_yaml decrypt-encrypted-yaml \