Lambda-config NPM

Usage

Contents of your config file, for example config.json:

{
  "appSettings": {
    "DBConfig": {
      "user": { "_encryptedTextBlob_": "AQECAHhEJQBbQ8N+ .... some b64 encoded encrypted text blob" },
      "password": { "_encryptedTextBlob_": "AQECAHhEJQBbQ8N+ .... some b64 encoded encrypted text blob" },
      "server": "some-server",
      "database": "some-database"
    }
  }
}

// or to minimise rountrips to KMS, better encrypt whole section
{
  "appSettings": {
    "DBConfig": {
      "_encryptedTextBlob_": "AQECAHhEJQBbQ8N+ .... some b64 encoded encrypted text blob" }
      "server": "some-server",
      "database": "some-database"
    }
  }
}

Strings must be encrypted using AWS Key Management Service and your lambda execution role should have kms:Decrypt permissions to use the key. Store config.json locally and include it in your lambda package, or upload it to a public hosting service like AWS S3. Load config.json as follows:

var cfg = require('lambda-config');
cfg.loadFromFile("local-path-or-url-to-config.json", function (err, config) {
	if (err) {
        console.log(err, err.stack);   // an error occurred
    }
	else {
		console.log(config);
	}
}, "your-aws-region");

Note that if your KMS encryption key is in the same region as the lambda you don't need to pass the region since process.env['AWS_DEFAULT_REGION'] will be used. If they are in different regions and you don't pass region parameter, key will be looked for in us-east-1 region.

You can also load configuration json from another source file. For example, you can have file rootConfig.json with the following contents:

{
  "appSettings": {
    "_loadFrom_": "./config.json"
  }
}

// and then use it same way as above:
var cfg = require('lambda-config');
cfg.loadFromFile("local-path-or-url-to-rootConfig.json", function (err, config) {
	...
});

// in this case, config object should have the following structure
{
	"appSettings": {
		"DBConfig": {
			"user": "some-decrypted-username",
			"password": "some-decrypted-password",
			"server": "some-server",
			"database": "some-database"
		}
	}
}

You can also use the loadFromString method with configuration json string:

var cfg = require('lambda-config');
cfg.loadFromString("some-configuration-json-string", function (err, config) {
	...
});

or call loadFromObject:

var cfgSource = { _loadFrom_: "./path-to-file" }
cfg.loadFromObject(cfgSource, function (err, config) {
	...
});

If you have mixed section with _loadFrom_ or _encryptedTextBlob_ and regular fields, all will be merged together in a resulting object:

// userConfig.json
{
  "user": "some-user",
  "password": "some-password"
}

// rootConfig.json
{
  "appSettings": {
    "_loadFrom_": "./userConfig.json",
	"server": "some-server"
  }
}

// calling loadFromFile with "./rootConfig.json" as a parameter will return the following
{
  "appSettings": {
    "user": "some-user",
	"password": "some-password",
	"server": "some-server"
  }
}

Note that you may need to flatten your dependencies folder before publishing to AWS Lambda to avoid the path character limit.

aws lambda configuration

aws-sdk request

@everything-registry/sub-chunk-2041 @zalastax/nolb-lam

8 years ago

8 years ago

8 years ago

8 years ago