AWS - Lambda unable to get my secrets (NodeJS)

Time:07-09

I am new to AWS Lambda functions, and I am trying to retrieve secrets that I will use to connect to an RDS database.

Here is my current code:

var aws = require("aws-sdk");

// Lambda handler as posted in the question: it asks Secrets Manager (eu-west-2)
// for the secret 'mysecretid' and logs progress markers and the secret.
exports.handler = async (event) => {

    // NOTE(review): the `+` between the string and aws.VERSION appears to have been
    // lost when this page was extracted; as printed, this line does not parse.
    console.log("version = "   aws.VERSION)

    var client = new aws.SecretsManager({
        version: '2017-10-17',
        region: 'eu-west-2' // Your region
    });
    var secret, decodedBinarySecret;

    // NOTE(review): in AWS SDK for JavaScript v2, passing a callback makes
    // getSecretValue return an AWS.Request, which is not a thenable, so this
    // `await` does not wait for the callback. The async handler can return
    // before the callback has run, which matches the missing "I am here" logs.
    // Calling .promise() on the request (with no callback) yields a Promise
    // that `await` actually waits on.
    await client.getSecretValue({
        SecretId: 'mysecretid'
    }, function(err, data) {
        if (err) {
            console.log("I am here 2");

            // Every branch below rethrows inside this try, so the error only reaches
            // the catch that logs it. An error code not listed here (no branch
            // matches) is never thrown and therefore never logged.
            try {
                /* code */
                if (err.code === 'DecryptionFailureException')
                    // Secrets Manager can't decrypt the protected secret text using the provided KMS key.
                    // Deal with the exception here, and/or rethrow at your discretion.
                    throw err;
                else if (err.code === 'InternalServiceErrorException')
                    // An error occurred on the server side.
                    // Deal with the exception here, and/or rethrow at your discretion.
                    throw err;
                else if (err.code === 'InvalidParameterException')
                    // You provided an invalid value for a parameter.
                    // Deal with the exception here, and/or rethrow at your discretion.
                    throw err;
                else if (err.code === 'InvalidRequestException')
                    // You provided a parameter value that is not valid for the current state of the resource.
                    // Deal with the exception here, and/or rethrow at your discretion.
                    throw err;
                else if (err.code === 'ResourceNotFoundException')
                    // We can't find the resource that you asked for.
                    // Deal with the exception here, and/or rethrow at your discretion.
                    throw err;
            }
            catch (e) {
                console.log(e);
                console.log(JSON.stringify(e));
            }
        }
        else {

            console.log("I am here 1");
            // Decrypts secret using the associated KMS CMK.
            // Depending on whether the secret is a string or binary, one of these fields will be populated.
            if ('SecretString' in data) {
                secret = data.SecretString;
            }
            else {
                // NOTE(review): new Buffer(...) is deprecated in Node.js; Buffer.from(...) is the replacement.
                let buff = new Buffer(data.SecretBinary, 'base64');
                decodedBinarySecret = buff.toString('ascii');
            }
        } // Your code goes here.
        console.log("I am here 3");
        // NOTE(review): this writes the secret value to the function's log output
        // (CloudWatch Logs for a Lambda function), where anyone with log read access
        // can see it. Log only that retrieval succeeded, never the value.
        console.log(secret);
    });
};


I have attached the correct roles and permissions to the function, and the console log of the AWS SDK version prints version = 2.1083.0

But none of the other console.log calls output anything, which suggests that the callback code is never reached. What am I doing wrong?

CodePudding user response:

How about you try something like

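// AWS SDK for JavaScript v2 (the question reports 2.1083.0): without a callback,
// getSecretValue returns an AWS.Request, which `await` cannot wait on by itself.
// .promise() converts the request into a Promise that resolves with the response
// and rejects with the service error, so failures surface as exceptions.
const data = await client.getSecretValue({
    SecretId: 'mysecretid'
}).promise();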

CodePudding user response:

I have solved this myself:

In index.js

const SecretsManager = require('./secretsManager.js');
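/**
 * Lambda entry point: fetches the secret 'mysecretid' from Secrets Manager in
 * eu-west-2 and returns a fixed 200 response.
 *
 * @param {object} event - Lambda invocation event (not used here).
 * @returns {Promise<{statusCode: number, body: string}>} the HTTP-style response.
 * @throws whatever SecretsManager.getSecret rejects with.
 */
exports.handler = async (event) => {
    const secretName = 'mysecretid';
    const region = 'eu-west-2';
    const apiValue = await SecretsManager.getSecret(secretName, region);

    // Do not log the secret itself: Lambda console output is stored in CloudWatch
    // Logs, so the value would be readable by anyone with access to the log group.
    // Log only whether a value came back.
    const outcome = apiValue === undefined ? 'no value returned' : 'retrieved';
    console.log(`Secret "${secretName}": ${outcome}`);

    const response = {
        statusCode: 200,
        body: JSON.stringify('Hello from Lambda!'),
    };
    return response;
};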


and then I created a new file called secretsManager.js

const AWS = require('aws-sdk'); 

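class SecretsManager {

    /**
     * Uses AWS Secrets Manager to retrieve a secret.
     *
     * @param {string} secretName - name or ARN passed as SecretId.
     * @param {string} region - AWS region the client is created for.
     * @returns {Promise<string>} SecretString when the response has one,
     *     otherwise SecretBinary decoded to a string.
     * @throws the error raised by getSecretValue (for example
     *     DecryptionFailureException, InternalServiceErrorException,
     *     InvalidParameterException, InvalidRequestException,
     *     ResourceNotFoundException). Every failure is propagated: returning
     *     undefined for an unlisted error code would let the caller carry on
     *     with a missing credential.
     */
    static async getSecret (secretName, region){
        const secretsManager = new AWS.SecretsManager({ region });

        // .promise() is what makes the SDK v2 request awaitable; a rejected
        // request propagates to the caller as an exception.
        const secretValue = await secretsManager
            .getSecretValue({ SecretId: secretName })
            .promise();

        if ('SecretString' in secretValue) {
            return secretValue.SecretString;
        }

        // Buffer.from replaces the deprecated `new Buffer(...)` constructor.
        // NOTE(review): 'ascii' decoding is kept from the original; it is lossy
        // for bytes outside 7-bit ASCII, so confirm it suits the stored secret.
        return Buffer.from(secretValue.SecretBinary, 'base64').toString('ascii');
    }
}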
module.exports = SecretsManager;

