Zappa: where to put AWS secret & access keys?


I am trying to use Zappa to launch my Flask app in AWS Lambda & API Gateway. The Flask script requires separate AWS secret & access keys (needed for S3 & DynamoDB), different from the ones I used for executing Zappa.

I realised that I can't put them in zappa_settings.json, as they will be blocked.

Where should I put them then?


Solution

  • It's best practice not to use AWS Secret & Access Keys inside code if you are using a Lambda Function. You should modify your Lambda Function's Execution Role and add the required permissions for accessing S3 and DynamoDB.

    But if you choose not to use Lambda Function's Execution Role, you have many options to store your AWS Secret & Access Keys:

    1. Store them in Lambda Function's Environment Variables. (not recommended)
    2. Store them in AWS SSM Parameter Store as a Secure String.
    3. Store them in AWS Secrets Manager.

    But I recommend that you modify your Lambda Function's Execution Role and add the required permissions for accessing any AWS service, in your case S3 and DynamoDB.
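The execution-role approach recommended above, as an added example that is not part of the original answer: it strips embedded AWS keys from a Zappa stage and grants S3 and DynamoDB access through Zappa's `extra_permissions` setting instead. The bucket name, table ARN, account ID and IAM action lists are assumptions, and `role_statements` and `harden_stage` are hypothetical helper names.

```python
import json
import re

# Access key IDs look like AKIA/ASIA + 16 uppercase alphanumerics.
KEY_ID = re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")
CRED_NAMES = {"AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY"}
# Zappa settings blocks that end up as Lambda environment variables.
ENV_BLOCKS = ("environment_variables", "aws_environment_variables")


def role_statements(bucket, table_arn):
    """IAM statements for Zappa's "extra_permissions" setting.

    The action lists are assumptions; trim them to what the app really calls.
    """
    return [
        {"Effect": "Allow",
         "Action": ["s3:GetObject", "s3:PutObject"],
         "Resource": f"arn:aws:s3:::{bucket}/*"},
        {"Effect": "Allow",
         "Action": ["dynamodb:GetItem", "dynamodb:PutItem", "dynamodb:Query"],
         "Resource": table_arn},
    ]


def harden_stage(stage, bucket, table_arn):
    """Return (new_stage, findings) without modifying the input stage."""
    new_stage = json.loads(json.dumps(stage))  # deep copy of JSON data
    findings = []
    for block in ENV_BLOCKS:
        env = new_stage.get(block, {})
        for name in list(env):
            # Flag by variable name, or by a key-ID-shaped value under any name.
            if name in CRED_NAMES or KEY_ID.search(str(env[name])):
                findings.append(f"{block}.{name}")
                del env[name]
    new_stage["extra_permissions"] = (
        new_stage.get("extra_permissions", []) + role_statements(bucket, table_arn))
    return new_stage, findings


if __name__ == "__main__":
    # Constructed sample stage; the key is AWS's documentation placeholder.
    sample = {"app_function": "app.app", "environment_variables": {
        "AWS_ACCESS_KEY_ID": "AKIAIOSFODNN7EXAMPLE", "LOG_LEVEL": "INFO"}}
    fixed, found = harden_stage(
        sample, "example-bucket",
        "arn:aws:dynamodb:us-east-1:111122223333:table/example-table")
    print("removed:", found)
    print(json.dumps({"production": fixed}, indent=2))
```

With these statements on the execution role, `boto3.client("s3")` and `boto3.resource("dynamodb")` called without key arguments pick up the role's temporary credentials inside Lambda.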