How can I create a config file for AWS RDS credentials and import them in my AWS Lambda APIs?
Question
Apologies if the question seems too basic as I'm new to AWS. I need help with creating a config file where I can store my RDS credentials and import this file inside my Lambda functions instead of writing the credentials inside each of them. The Lambda API connects to the RDS using the following credentials:
#rds settings
rds_host = "<host url>"
name = '<host name>'
password = '<host password>'
db_name = '<name of the schema being used>'
I want to put this information in a config file but I'm not able to figure out where to place this config file inside AWS and how I can import the same. The reason I want to configure this is because if I change the credentials, I want them to be reflected inside each of my Lambdas.
Thank you
1 answers
solution1
3 2020-04-13 08:25:44
Putting db credentials inside your lambda function is not a good practice . I would recommend following good practices and considering one of the following ways of passing db credentials into a lambda function:
Use environment variables of lambda function to pass the credentials. The environment variables can even be encrypted using KMS for extra security.
Use SSM Parameter Store to centrally store and mange the credentials (free).
Use AWS Secrets Manager to store and automatically rotate the db credentails (not free).
Use IAM Database Authentication for MySQL and PostgreSQL , which eliminates the use of traditional username and password for accessing a db.
If you have many lambda functions, then methods 2, 3 and 4 would be most suited. The methods also solve the problem of updating db credentials.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.