I currently have a SAM template, with a collection of Lambda function. In each Lambda function I have defined the credentials to my RDS database:
const connection = await mysql.createConnection({
host: '-----.-----.eu-west-2.rds.amazonaws.com',
user: '------',
password: '-----',
port: ------,
database: '----',
});
I'm aware this probably isn't the best thing to do - What is the standard way to store this information? Should it be contained inside of a global environment variable in the template?
use AWS::SSM::Parameter OR AWS::SecretsManager::Secret for storing the credentials.
Add necessary permissions to your Lambda IAM Role and then inside your lambda you can fetch them from the respective services.
How to securely provide database credentials to Lambda functions by using AWS Secrets Manager