From 00e233036903d8eb820bf8c39b2ea8e9dd425c01 Mon Sep 17 00:00:00 2001
From: Eric Wagoner <ewagoner@gmail.com>
Date: Tue, 10 Mar 2026 11:54:48 -0400
Subject: [PATCH] Add dbpass function template for retrieving RDS passwords

---
 zshrc-natera.private.example | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/zshrc-natera.private.example b/zshrc-natera.private.example
index 483f788..e71a6a5 100644
--- a/zshrc-natera.private.example
+++ b/zshrc-natera.private.example
@@ -19,3 +19,33 @@ refresh() {
   boring close YOUR_BORING_TARGET 2>/dev/null
   aws sso login && ssh -i ~/work/pems/YOUR_JUMPBOX_PEM ec2-user@JUMPBOX_IP exit && boring open YOUR_BORING_TARGET
 }
+
+# Database password retrieval function (replace ARNs and profile names with your actual values)
+function dbpass {
+  local env="${1:-dev}"
+  local secret_id profile
+
+  case "$env" in
+    dev)
+      secret_id='arn:aws:secretsmanager:REGION:ACCOUNT_ID:secret:YOUR_DEV_SECRET_ARN'
+      profile='YOUR_DEV_AWS_PROFILE'
+      ;;
+    uat)
+      secret_id='arn:aws:secretsmanager:REGION:ACCOUNT_ID:secret:YOUR_UAT_SECRET_ARN'
+      profile='YOUR_UAT_AWS_PROFILE'
+      ;;
+    *)
+      echo "Usage: dbpass [dev|uat]"
+      return 1
+      ;;
+  esac
+
+  aws secretsmanager get-secret-value \
+    --secret-id "$secret_id" \
+    --region us-west-2 \
+    --profile "$profile" \
+    --query 'SecretString' \
+    --output text \
+  | jq -r '.password' \
+  | pbcopy
+}