npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

nestjs-secret-manager

v1.1.2

Published

NestJS AWS Secrets Manager

Downloads

45

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

arjupbaarjupba

Keywords

nestsecrets-manageraws

Readme

This module is forked from https://github.com/razzkumar/nestjs-aws-secrets-manager. Kudos to razzkumar

Additional features:

  1. Support secrets in plane text.
  2. Allow the same-named environment variables and secrets.

Installation

npm i nestjs-secret-manager @aws-sdk/client-secrets-manager

Having troubles configuring nestjs-secret-manager? Clone this repository and cd in a sample:

cd samples/quick-start
npm install
npm run start:dev

Quick start

Import AWSSecretsManagerModule into the root AppModule and use the forRoot() method to configure it. This method accepts the object as AWSSecretsManagerModuleOptions, you can also checkout samples

import { Module } from '@nestjs/common';
import { SecretsManagerClient } from '@aws-sdk/client-secrets-manager';

import {
  AWSSecretsManagerModule,
  AWSSecretsManagerModuleOptions,
} from 'nestjs-secret-manager';

import { AppService } from './app.service';
import { AppController } from './app.controller';
import { AWSDBCredentialsService } from './aws-secrets.service';

const AWSSecretsManagerProps: AWSSecretsManagerModuleOptions = {
  secretsManager: new SecretsManagerClient({
    region: 'us-east-1',
  }),
};

@Module({
  imports: [
    AWSSecretsManagerModule.forRoot(AWSSecretsManagerProps),
    AWSDBCredentialsService,
  ],
  controllers: [AppController],
  providers: [AppService, AWSDBCredentialsService],
})
export class AppModule {}

Create the Secrets Manager Service

Now we have getSecretsByID method on AWSSecretsService from we can retrive aws secrets using name or ARN

import { Injectable } from '@nestjs/common';
import { AWSSecretsService } from 'nestjs-secret-manager';

interface DBCredentials {
  host: string;
  port: number;
  user: string;
  password: string;
  database: string;
}

@Injectable()
export class AWSDBCredentialsService {
  constructor(private readonly secretsRetrieverService: AWSSecretsService) {}

  async getDBCredentials(): Promise<DBCredentials> {
    return await this.secretsRetrieverService.getSecretsByID<DBCredentials>(
      'test/sm1',
    ); // where db-credentials is the secret id
  }
}

Set process env variables from aws secrets manager

We also can able to set value on process on starting, which allows us to retrive secrets using process.env or @nest/config module

import { Module } from '@nestjs/common';
import { SecretsManagerClient } from '@aws-sdk/client-secrets-manager';
import {
  AWSSecretsManagerModule,
  AWSSecretsManagerModuleOptions,
} from 'nestjs-secret-manager';

import { AppService } from './app.service';
import { AppController } from './app.controller';

const AWSSecretsManagerProps: AWSSecretsManagerModuleOptions = {
  secretsManager: new SecretsManagerClient({
    region: 'us-east-1',
  }),
  isSetToEnv: true, // set all secrets to env variables which will be available in process.env or @nest/config module
  secretsSource: { secret1: 'test/sm1', secret2: 'test/sm2' }, // OR array or secrets name or ARN  [ "db/prod/config" ,"app/prod/config"],
};

@Module({
  imports: [AWSSecretsManagerModule.forRoot(AWSSecretsManagerProps)],
  controllers: [AppController],
  providers: [AppService],
})
export class AppModule {}

Afterward, Aws secrets from provided secretsSource can be access via process.env for @nestjs/config module

Async configuration

Caveats: because the way Nest works, you can't inject dependencies exported from the root module itself (using exports). If you use forRootAsync() and need to inject a service, that service must be either imported using the imports options or exported from a global module. Maybe you need to asynchronously pass your module options, for example when you need a configuration service. In such case, use the forRootAsync() method, returning an options object from the useFactory method:

import { Module } from '@nestjs/common';
import { SecretsManagerClient } from '@aws-sdk/client-secrets-manager';
import { AWSSecretsManagerModule } from 'nestjs-secret-manager';

import { AppService } from './app.service';
import { AppController } from './app.controller';

import { ConfigModule, ConfigService } from '@nestjs/config';
@Module({
  imports: [
    ConfigModule.forRoot({
      isGlobal: true,
    }),
    AWSSecretsManagerModule.forRootAsync({
      useFactory: (configService: ConfigService) => ({
        secretsManager: new SecretsManagerClient({
          region: configService.get('AWS_REGION'),
        }),
        isSetToEnv: true, // set all secrets to env variables which will be available in process.env or @nest/config module
        secretsSource: {
          secret1: configService.get('AWS_SECRET_ID_1'), // name or array of secret names
          secret2: configService.get('AWS_SECRET_ID_2'), // name or array of secret names
        },
        isDebug: configService.get('NODE_ENV') === 'development',
      }),
      inject: [ConfigService],
    }),
  ],
  controllers: [AppController],
  providers: [AppService],
})
export class AppModule {}

The factory might be async, can inject dependencies with inject option and import other modules using the imports option.

Options

Configuration options parameter for AWSSecretsManagerModule is defined as AWSSecretsManagerModuleOptions interface

export interface AWSSecretsManagerModuleOptions {
  secretsManager: SecretsManagerClient;
  isSetToEnv?: boolean;
  secretsArn?: string | string[];
  isDebug?: boolean;
}

which is available for import from nestjs-secret-manager module

import { AWSSecretsManagerModuleOptions } from 'nestjs-secret-manager';

Contributing

New features and bugfixes are always welcome! In order to contribute to this project, follow a few easy steps:

  1. Fork this repository and clone it on your machine
  2. Open the local repository with Visual Studio Code with the remote development feature enabled (install the Remote Development extension)
  3. Create a branch my-awesome-feature and commit to it
  4. Run npm run lint, npm run format and npm run build and verify that they complete without errors
  5. Push my-awesome-feature branch to GitHub and open a pull request

Stay in touch

License

nestjs-secret-manager is MIT licensed.