Skip to content

AWS Amplify で作成した Lambda で Parameter Store を利用する

Updated:

背景

Lambdaの環境変数に秘密情報を表示しない。

手順

1. Amplify の設定変更

$ amplify update function
? Which setting do you want to update? Secret values configuration
? Enter a secret name (this is the key used to look up the secret value): api_key_for_xxx
? Enter the value for api_key_for_xxx: [hidden]
? What do you want to do? I'm done
? This will immediately update secret values in the cloud. Do you want to continue? Yes

2. コードの修正

cd amplify/backend/function/xxx/src
npm install --save @aws-sdk/client-ssm
import { SSMClient, GetParameterCommand } from "@aws-sdk/client-ssm";

// Lambda の環境変数に Parameter Store の名前が格納される
const api_key_for_xxx = process.env.api_key_for_xxx;

const getApiToken = async () => {
  const response = await ssmClient.send(
    new GetParameterCommand({
      Name: api_key_for_xxx,
      WithDecryption: true,
    })
  );

  return response.Parameter?.Value;
};