问题
I want to get rid off hardcoded passwords in my lambda that is deployed to AWS. I found I shall modify packaged.yaml:
Parameters:
DATABASE_URI:
Description: 'Required. MongoDB connection URL'
Type: 'String'
Resources:
BUDAuthorizeUserHandler:
Type: AWS::Serverless::Function
Properties:
FunctionName: BUDAuthorizeUserHandler
Handler: src/handlers/users/authorizeUser.handler
Runtime: nodejs10.x
Environment:
Variables:
MONGODB_URI: !Ref DATABASE_URI
This is the usage:
const MONGODB_URI = process.env.MONGODB_URI;
console.log(MONGODB_URI);
So far so good and according to the specification. But I spent two hours trying to make it work locally.
Configuration file env.json
{
"BUDAuthorizeUserHandler": {
"MONGODB_URI": "mongodb+srv://USER:PASSWORD@HOST/bud?retryWrites=true&w=majority"
}
}
I tried these options but the environment variable was never defined:
sam local start-api --env-vars env.json
sam local start-api --parameter-overrides ParameterKey=DATABASE_URI,ParameterValue="mongodb+srv://USER:PASSWORD@HOST/bud?retryWrites=true&w=majority"
I have walked through these pages:
https://github.com/awslabs/aws-sam-cli/issues/1163 aws-sam-local environment variables How do I specify template parameters when running AWS SAM Local? Setting environmental variables with !Ref in AWS SAM?
SAM CLI, version 0.39.0
How to make it work? What do I do wrong?
回答1:
You can go through this article which has some examples to use AWS SAM to create different AWS resources.
The problem in your case might be that the Parameter name DATABASE_URI contains non-alphanumeric characters (underscore in your example). Try renaming it to DatabaseUri and doing the same in your sam invoke local command. It should work.
Also, you need the changes in template.yaml, not packaged.yaml. packaged.yaml is auto-generated when you run the sam package command.
On making these changes, following template.yaml works for me.
Parameters:
DatabaseUri: # Changed this to remove underscore
Description: 'Required. MongoDB connection URL'
Type: 'String'
Resources:
BUDAuthorizeUserHandler:
Type: AWS::Serverless::Function
Properties:
FunctionName: BUDAuthorizeUserHandler
Handler: index.pingWithEnvVariable # Ignore this change, my test function is at this location
Runtime: nodejs10.x
Environment:
Variables:
MONGODB_URI: !Ref DatabaseUri # Removed underscore from here as well, obviously
index.js (returning the value of env variable in the output for testing)
exports.pingWithEnvVariable = async event => {
const response = {};
response.statusCode = 200;
const env = process.env.MONGODB_URI;
response.body = JSON.stringify({ env });
return response;
};
used the same env.json as yours
$ sam local invoke BUDAuthorizeUserHandler --env-vars env.json
START RequestId: 6a9d398c-fecd-1b07-c9a0-d9fe4293cfe1 Version: $LATEST
END RequestId: 6a9d398c-fecd-1b07-c9a0-d9fe4293cfe1
REPORT RequestId: 6a9d398c-fecd-1b07-c9a0-d9fe4293cfe1 Init Duration: 211.76 ms Duration: 5.66 ms Billed Duration: 100 ms Memory Size: 128 MB Max Memory Used: 43 MB
{"statusCode":200,"body":"{\"env\":\"mongodb+srv://USER:PASSWORD@HOST/bud?retryWrites=true\u0026w=majority\"}"}
Works with parameter overrides as well
$ sam local invoke BUDAuthorizeUserHandler --parameter-overrides 'ParameterKey=DatabaseUri,ParameterValue=mongodb+srv://USER:PASSWORD@HOST/bud?retryWrites=true&w=majority'
START RequestId: e0415251-2655-139b-e5df-5f9db658ca01 Version: $LATEST
END RequestId: e0415251-2655-139b-e5df-5f9db658ca01
REPORT RequestId: e0415251-2655-139b-e5df-5f9db658ca01 Init Duration: 163.06 ms Duration: 6.88 ms Billed Duration: 100 ms Memory Size: 128 MB Max Memory Used: 43 MB
{"statusCode":200,"body":"{\"env\":\"mongodb+srv://USER:PASSWORD@HOST/bud?retryWrites=true\u0026w=majority\"}"}
来源:https://stackoverflow.com/questions/59706797/aws-sam-local-and-environment-parameters