Search code examples
amazon-ec2

AWS EC2 Express server and storage of ENV keys

I am trying to host my express server. I am cloning the repo into my ec2 instance also it will need env keys for database.

How to store the env keys. Will it be correct if I just create .env keys into my project inside of ec2 and launch my server.

The application will be exposed on the public ip on port 8000

Solution

  • It is best practice to keep only normal configuraiton properties in env file. but for confidential properties like user name and password, you should configure it using a shell script.

    Sample Script

    #!/bin/bash
export DB_USER="value"
export DB_PASSWORD="value"
npm run start

    Solution 1:

    • You can call it startup script which contains above code, and start ec2 machine, and execute this manually.

    Solution 2:

    • set this as user data on ec2 machine startup configuration
    • it will run every time you ec2 restart, this is recommended way.

    Further you can explore, these are AWS service to get secured key=value pairs

    • AWS System Manager Parameter Store
    • AWS Secret Manager