Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/iturgeon/aws-secrets-environment

Load AWS Secrets Manager values into Node.js process.env
https://github.com/iturgeon/aws-secrets-environment

12-factor aws aws-secrets-manager env environment-variables

Last synced: 3 months ago
JSON representation

Load AWS Secrets Manager values into Node.js process.env

Host: GitHub
URL: https://github.com/iturgeon/aws-secrets-environment
Owner: iturgeon
License: mit
Created: 2019-07-15T19:32:55.000Z (over 5 years ago)
Default Branch: master
Last Pushed: 2019-07-15T21:53:15.000Z (over 5 years ago)
Last Synced: 2024-10-01T07:09:34.381Z (4 months ago)
Topics: 12-factor, aws, aws-secrets-manager, env, environment-variables
Language: JavaScript
Homepage:
Size: 6.84 KB
Stars: 14
Watchers: 2
Forks: 1
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # AWS Secrets Environment

A Node module to easily load [AWS Secrets Manager](https://aws.amazon.com/secrets-manager/) JSON secrets into your application's environment variables. This will allow your application to follow the [Twelve-Factor App](https://12factor.net/) principals while keeping access to your secrets controlled with AWS IAM.

* Each key from the loaded secret will be registered as `process.env[key]`

* Existing process.env variables will **not** be overwritten.

* If the value of said key is 'true' or 'false', it will be converted to a boolean

## Install

```bash

yarn install aws-secrets-environment

```

## Usage

With these secrets stored in AWS Secrets Manager as `MyApplicationDevSecrets`:

```json

{

	"NODE_ENV": "development",

	"DB_USER": "user-from-aws",

	"DB_PASS": "secret-from-aws"

}

```

index.js

```javascript

const loadAWSJSONSecretsIntoENV = require('aws-secrets-environment')

const region = 'us-east-1'

const secretName = 'MyApplicationDevSecrets'

// set an env var before loading? it won't be overridden

process.env.DB_PASS = 'secret-from-code'

loadAWSJSONSecretsIntoENV(region, secretName, console.log)

.then(() => {

	console.log(process.env.NODE_ENV, process.env.DB_USER, process.env.DB_PASS)

	// Output is: "development", "user-from-aws", 'secret-from-code'

	// start your application

})

````

### Arguments

```javascript

loadAWSJSONSecretsIntoENV('us-east-1', 'mySecret', logger.info)

```

1. string [AWS Region](https://docs.aws.amazon.com/general/latest/gr/rande.html)

2. string Name of Secret Manager Secret (select "Other type of secrets" when creating)

3. Optional function that will receive log messages

### Return

Returns a Promise. Once it resolves the secrets are available on process.env.