背景
Lambdaの環境変数に秘密情報を表示しない。
手順
1. Amplify の設定変更
$ amplify update function
? Which setting do you want to update? Secret values configuration
? Enter a secret name (this is the key used to look up the secret value): api_key_for_xxx
? Enter the value for api_key_for_xxx: [hidden]
? What do you want to do? I'm done
? This will immediately update secret values in the cloud. Do you want to continue? Yes
2. コードの修正
cd amplify/backend/function/xxx/src
npm install --save @aws-sdk/client-ssm
import { SSMClient, GetParameterCommand } from "@aws-sdk/client-ssm";
// Lambda の環境変数に Parameter Store の名前が格納される
const api_key_for_xxx = process.env.api_key_for_xxx;
const getApiToken = async () => {
const response = await ssmClient.send(
new GetParameterCommand({
Name: api_key_for_xxx,
WithDecryption: true,
})
);
return response.Parameter?.Value;
};