Is there any funky cool way to setup and use secre...
# helpd
Dan Van Brunt
05/06/2022, 7:30 PMIs there any funky cool way to setup and use secrets in SST/CDK?
Right now we are manually creating SSM params and then just manually passing the SSM paths as envs into functions and accessing the encrypted SSM at runtime (decrypted) from within the lambda.
Thought I remember someone theorizing a sst helper to make this less work.
f
Frank
05/06/2022, 9:38 PM
Hey @Dan Van Brunt, yeah we are working on it! Some pseudo code looks like this.
• creating the secret
Copy code
const stripeKey = new sst.Parameter("/path/to/ssm"); Copy code
new sst.Function(..., {
parameters: {
stripeKey
}
}); Copy code
import { Config } from "@serverless-stack/node";
Config.stripeKey; // this has the decrypted valueFrank
05/06/2022, 9:38 PM
Still very raw.. (cc @thdxr to correct me if I missed anything)
r
Rob N
06/14/2022, 2:12 PM@Frank @thdxr how far out is the SST secrets functionality? We are running into this issue right now and working out what our approach should be and whether we need a short term solution until there is a native option in SST.
t
thdxr
06/14/2022, 2:13 PMI put together this prototype: https://github.com/serverless-stack/serverless-stack/tree/master/examples/parameter-prototype
thdxr
06/14/2022, 2:14 PMcould make sense to copy this and it'll be an easy upgrade path when we merge it in natively
r
Rob N
06/14/2022, 2:14 PMAwesome thanks @thdxr i will have a play
2 Views