https://serverless-stack.com/ logo
Join Slack
Powered by
Hi there :wave:, I’m new to SST but super-excited ...
# help
j
Hi there 👋, I’m new to SST but super-excited about its potential for faster development. I’m trying to build an API using SST that accesses Google Calendar. For this, I created a service account in the Google API dashboard and got a JSON file that contains all necessary secrets and tokens. My general question is how secrets like these are handled in SST? Especially when they are not just API token strings, but files. I usually use 
dotenv
and .env files but this doesn’t seem to be the way to go with SST or CDK. Also, the information on the SST site reference the Serverless Framework and `serverless.yml`files a lot, but I wanted to not use this framework for this project. Could you provide some SST-specific information for the handling of secrets on the site maybe? Thanks! 🙏
OK, so I’m looking at 
ssm
to store the equivalent of the environment variables, like secrets and such. I start with a basic test:
Copy code
$ aws ssm put-parameter --type String --name "CALENDAR_ID" --value "foobar-blerg" --overwrite
{
    "Version": 2,
    "Tier": "Standard"
}
It looks like it has been stored without error (I needed 
--overwrite
because the parameter existed already). Now check it’s really there:
Copy code
$ aws ssm get-parameter --name "CALENDAR_ID"
{
    "Parameter": {
        "Name": "CALENDAR_ID",
        "Type": "String",
        "Value": "foobar-blerg",
        "Version": 2,
        "LastModifiedDate": "2021-04-15T00:24:06.449000+02:00",
        "ARN": "arn:aws:ssm:us-east-1:xxxxxxxxxxxx:parameter/CALENDAR_ID",
        "DataType": "text"
    }
}
Great. So, next step is to see whether it’s also available via my application. And this is where things may have gone wrong … I add the line below to the API definitions, for the default function props:
Copy code
// Create the HTTP API
    const api = new sst.Api(this, "Api", {
      defaultFunctionProps: {
        environment: {
          SSM_CALENDAR_ID: ssm.StringParameter.valueForStringParameter(this, 'CALENDAR_ID'),
          ...
And then test elsewhere in the app that I can read the value:
Copy code
console.log(`SSM CALENDAR ID: ${process.env.SSM_CALENDAR_ID}`);
Unfortunately, I get 
undefined
. 😞 Any ideas what I’m doing wrong?
Open in Slack
PreviousNext
Powered by