aws-lockbox
v2.0.3
Published
AWS SSM Secrets manager
Downloads
329
Maintainers
Readme
AWS Lockbox
aws-lockbox is a secrets management service for node and AWS Parameter Store (SSM). aws-lockbox handles all of your secrets by running on app start. It will populate the appropriate process.env variables with parameters stored in your AWS Parameter Store.
Getting Started
Directory Structure
- You variables need to be available in AWS Parameter Store (SSM)
- Have a local lockbox directory with corresponding environment names as files in your root folder
- There are two properties that are utilized in the lockbox configuration files: parameters and overrides.
- parameters is an array of parameter names (strings) that are found in SSM
- overrides is an array of key value pairs that you want to override locally
- default.js is defaulted to if there is no file that matches the environment variable.
- There are two properties that are utilized in the lockbox configuration files: parameters and overrides.
lockbox/
- production.js
- stage.js
- development.js
- local.js
- default.js
Initialization
/*
* The max number of tries you want to attempt before throwing an error.
* It uses exponential backoff to avoid conflicts with other services that use aws-lockbox
*/
const maxTries = 100;
const lb = new Lockbox.Lockbox(maxTries);
lb.exec();
/*
* waitMS together winpm init --scopeth maxWaits allows you to determine how long you want to wait
* before stopping. Stopping by default means, throwing an error.
*/
const waitMS = 100;
const maxWaits = 10;
await lb.wait(maxWaits, waitMS);
Overview
default.js
This is where you put the name of the keys that you wished to pull from Parameter Store. All the other files in lockbox/ depend on default.js and it's parameters list.
module.exports = {
parameters: [
"THE_NAME_OF_THE_PARAMETER_1",
"THE_NAME_OF_THE_PARAMETER_2",
...
]
}
[your environment].js | production.js | stage.js | dev.js | localdev.js | etc.
const defaultParameters = require('./default.js');
module.exports = {
parameters: defaultParameters.parameters,
overrides: [
{
Name: "THE_NAME_OF_THE_PARAMETER,
Value: "the value of the parameter"
}
],
}
parameters: []
This is where you can add parameters to retrieve from Parameter Store
overrides: []
This is where you can add as many Name, Value pairs as you want to override