How do I securely authenticate with google service account from an AWS lambda function? I want to call some google api from AWS lambda.
You can store the credentials encrypted in Lambda environment variables too. You can either programmatically store or configure it in the aws console.
More details:
http://docs.aws.amazon.com/lambda/latest/dg/env_variables.html
CLI:
aws lambda create-function \
--region us-east-1
--function-name myTestFunction
--zip-file fileb://path/package.zip
--role role-arn
--environment Variables="{LD_LIBRARY_PATH=/usr/bin/test/lib64}"
--handler index.handler
--runtime nodejs6.10
--profile default
Nodejs:
http://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/Lambda.html
check on
Variables: {
in the below code.
To Encrypt, check on KMSKeyArn and provide your KMS Arn Value.
var params = {
FunctionName: 'STRING_VALUE', /* required */
DeadLetterConfig: {
TargetArn: 'STRING_VALUE'
},
Description: 'STRING_VALUE',
Environment: {
Variables: {
'<EnvironmentVariableName>': 'STRING_VALUE',
/* '<EnvironmentVariableName>': ... */
}
},
Handler: 'STRING_VALUE',
KMSKeyArn: 'STRING_VALUE',
MemorySize: 0,
Role: 'STRING_VALUE',
Runtime: nodejs | nodejs4.3 | nodejs6.10 | java8 | python2.7 | python3.6 | dotnetcore1.0 | nodejs4.3-edge,
Timeout: 0,
TracingConfig: {
Mode: Active | PassThrough
},
VpcConfig: {
SecurityGroupIds: [
'STRING_VALUE',
/* more items */
],
SubnetIds: [
'STRING_VALUE',
/* more items */
]
}
};
lambda.updateFunctionConfiguration(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
Hope it helps.