@nekonomokochan/aws-env-creator NPM

aws-env-creator

Create an env file from AWS Secrets Manager.

Getting Started

Install npm package

yarn

yarn add @nekonomokochan/aws-env-creator

npm

npm install --save @nekonomokochan/aws-env-creator

Set up AWS credentials

Please set credentials using AWS CLI.

The following is the setting procedure in MacOS.

brew install awscli
aws configure --profile YOUR_PROFILE_NAME

AWS Access Key ID [None]: `YOUR_AWS_ACCESS_KEY_ID`
AWS Secret Access Key [None]: `YOUR_AWS_SECRET_ACCESS_KEY`
Default region name [None]: ap-northeast-1
Default output format [None]: json

profile is optional parameter.

However, in that case please make sure that AWS-SDK can access SecretManager by some means.

For example, there are the following methods.

Set credentials for default profile.
Give access to SecretManager with IAM policy.

The access key must also have at least the following permissions.

secretsmanager:ListSecrets
secretsmanager:DescribeSecret
secretsmanager:GetSecretValue
kms:Decrypt

How To Use

Use With TypeScript

import { createEnvFile, EnvFileType, AwsRegion } from "@nekonomokochan/aws-env-creator";

(async () => {
  const params = {
    type: EnvFileType.dotenv,
    outputDir: "./",
    secretIds: ["dev/app"],
    profile: "nekochans-dev",
    region: AwsRegion.ap_northeast_1
  };

  await createEnvFile(params);
})();

.env is created in your current directory.

Use With JavaScript

(async () => {
  "use strict";

  const awsEnvCreator = require("@nekonomokochan/aws-env-creator");

  const params = {
    type: ".env",
    outputDir: "./",
    secretIds: ["dev/app"],
    profile: "nekochans-dev",
    region: "ap-northeast-1"
  };

  await awsEnvCreator.createEnvFile(params);
})();

.env is created in your current directory.

Set an environment variable with an arbitrary key name

Assume that the following information is registered in your AWS Secret Manager.

{
  "ANOTHER_API_KEY": "another_api_key",
  "ANOTHER_API_SECRET": "another_api_secret"
}

When this code is executed, .envrc is created with the following contents.

(async () => {
    const params = {
      type: EnvFileType.direnv,
      outputDir: "./",
      secretIds: ["dev/app"],
      profile: "nekochans-dev",
      region: AwsRegion.ap_northeast_1,
      keyMapping: {
        ANOTHER_API_KEY: "AWS_API_KEY",
        ANOTHER_API_SECRET: "AWS_API_SECRET"
      }
    };

    await createEnvFile(params);
})();

export AWS_API_KEY=another_api_key
export AWS_API_SECRET=another_api_secret

Define the environment variable to output

When this code is executed, .envrc is created with the following contents.

(async () => {
    const params = {
      type: EnvFileType.direnv,
      outputDir: "./",
      secretIds: ["dev/app"],
      profile: "nekochans-dev",
      region: AwsRegion.ap_northeast_1,
      outputWhitelist: ["ANOTHER_API_KEY"],
    };

    await createEnvFile(params);
})();

export ANOTHER_API_KEY=another_api_key

Optionally set optional parameters

Use With TypeScript

import { createEnvFile, EnvFileType, AwsRegion } from "@nekonomokochan/aws-env-creator";

(async () => {
  const params = {
    type: EnvFileType.dotenv,
    outputDir: "./",
    secretIds: ["dev/app"],
    profile: "nekochans-dev",
    region: AwsRegion.ap_northeast_1,
    addParams: { APP_URL: "http://localhost/3000" }
  };

  await createEnvFile(params);
})();

Use With JavaScript

(async () => {
  "use strict";

  const awsEnvCreator = require("@nekonomokochan/aws-env-creator");

  const params = {
    type: ".env",
    outputDir: "./",
    secretIds: ["dev/app"],
    profile: "nekochans-dev",
    region: "ap-northeast-1",
    addParams: { APP_URL: "http://localhost/3000" }
  };

  await awsEnvCreator.createEnvFile(params);
})();

The following file will be output.

{
  "ANOTHER_API_KEY": "another_api_key",
  "ANOTHER_API_SECRET": "another_api_secret",
  "APP_URL": "http://localhost/3000"
}

create from AWS ParameterStore

You can generate env file from AWS Systems Manager Parameter Store.

For example, suppose that the following ParameterStore is registered.

key	value
/dev/test-app/news/sendgrid-api-key	DummySendGridAPIKEY0001
/dev/test-app/news/slack-token	DummySlackToken0001

You need to specify parameterPath instead of secretIds.

import { createEnvFile, EnvFileType, AwsRegion } from "@nekonomokochan/aws-env-creator";

(async () => {
  const params = {
    type: EnvFileType.dotenv,
    outputDir: "./",
    parameterPath: "/dev/test-app/news",
    profile: "nekochans-dev",
    region: AwsRegion.ap_northeast_1
  };

  await createEnvFile(params);
})();

The contents of the created .env are as follows.

sendgrid-api-key=DummySendGridAPIKEY0001
slack-token=DummySlackToken0001

parameterPath and secretIds can be used together.

A description of the parameter

parameter	description	value
type	The type of file to output	Enum `.env` `.envrc` `terraform.tfvars`
outputDir	Output path	String
secretIds	Your AWS Secrets Manager ID	String[]
parameterPath	Your AWS Parameter Store Path	String
profile	Your AWS CLI Credentials Name	String
region	The region where your AWS Secrets Manager is located	String
outputWhitelist	Output Parameters	String[]
keyMapping	Key Mapping Object	Object
addParams	Additional Parameters	Object
outputFilename	Use this when you want to change the output file name	String