aws-env-creator
Create an env file from AWS Secrets Manager.
Getting Started
Install npm package
yarn
yarn add @nekonomokochan/aws-env-creator
npm
npm install --save @nekonomokochan/aws-env-creator
Set up AWS credentials
Please set credentials using AWS CLI.
The following is the setting procedure in MacOS.
brew install awscliaws configure --profile YOUR_PROFILE_NAME
AWS Access Key ID [None]: `YOUR_AWS_ACCESS_KEY_ID`
AWS Secret Access Key [None]: `YOUR_AWS_SECRET_ACCESS_KEY`
Default region name [None]: ap-northeast-1
Default output format [None]: json
profile is optional parameter.
However, in that case please make sure that AWS-SDK can access SecretManager by some means.
For example, there are the following methods.
- Set credentials for default profile.
- Give access to SecretManager with IAM policy.
The access key must also have at least the following permissions.
secretsmanager:ListSecretssecretsmanager:DescribeSecretsecretsmanager:GetSecretValuekms:Decrypt
How To Use
Use With TypeScript
import { createEnvFile, EnvFileType, AwsRegion } from "@nekonomokochan/aws-env-creator";
(async () => {
const params = {
type: EnvFileType.dotenv,
outputDir: "./",
secretIds: ["dev/app"],
profile: "nekochans-dev",
region: AwsRegion.ap_northeast_1
};
await createEnvFile(params);
})();.env is created in your current directory.
Use With JavaScript
(async () => {
"use strict";
const awsEnvCreator = require("@nekonomokochan/aws-env-creator");
const params = {
type: ".env",
outputDir: "./",
secretIds: ["dev/app"],
profile: "nekochans-dev",
region: "ap-northeast-1"
};
await awsEnvCreator.createEnvFile(params);
})();.env is created in your current directory.
Set an environment variable with an arbitrary key name
Assume that the following information is registered in your AWS Secret Manager.
{
"ANOTHER_API_KEY": "another_api_key",
"ANOTHER_API_SECRET": "another_api_secret"
}When this code is executed, .envrc is created with the following contents.
(async () => {
const params = {
type: EnvFileType.direnv,
outputDir: "./",
secretIds: ["dev/app"],
profile: "nekochans-dev",
region: AwsRegion.ap_northeast_1,
keyMapping: {
ANOTHER_API_KEY: "AWS_API_KEY",
ANOTHER_API_SECRET: "AWS_API_SECRET"
}
};
await createEnvFile(params);
})();export AWS_API_KEY=another_api_key
export AWS_API_SECRET=another_api_secret
Define the environment variable to output
When this code is executed, .envrc is created with the following contents.
(async () => {
const params = {
type: EnvFileType.direnv,
outputDir: "./",
secretIds: ["dev/app"],
profile: "nekochans-dev",
region: AwsRegion.ap_northeast_1,
outputWhitelist: ["ANOTHER_API_KEY"],
};
await createEnvFile(params);
})();export ANOTHER_API_KEY=another_api_key
Optionally set optional parameters
Use With TypeScript
import { createEnvFile, EnvFileType, AwsRegion } from "@nekonomokochan/aws-env-creator";
(async () => {
const params = {
type: EnvFileType.dotenv,
outputDir: "./",
secretIds: ["dev/app"],
profile: "nekochans-dev",
region: AwsRegion.ap_northeast_1,
addParams: { APP_URL: "http://localhost/3000" }
};
await createEnvFile(params);
})();Use With JavaScript
(async () => {
"use strict";
const awsEnvCreator = require("@nekonomokochan/aws-env-creator");
const params = {
type: ".env",
outputDir: "./",
secretIds: ["dev/app"],
profile: "nekochans-dev",
region: "ap-northeast-1",
addParams: { APP_URL: "http://localhost/3000" }
};
await awsEnvCreator.createEnvFile(params);
})();The following file will be output.
{
"ANOTHER_API_KEY": "another_api_key",
"ANOTHER_API_SECRET": "another_api_secret",
"APP_URL": "http://localhost/3000"
}create from AWS ParameterStore
You can generate env file from AWS Systems Manager Parameter Store.
For example, suppose that the following ParameterStore is registered.
| key | value |
|---|---|
| /dev/test-app/news/sendgrid-api-key | DummySendGridAPIKEY0001 |
| /dev/test-app/news/slack-token | DummySlackToken0001 |
You need to specify parameterPath instead of secretIds.
import { createEnvFile, EnvFileType, AwsRegion } from "@nekonomokochan/aws-env-creator";
(async () => {
const params = {
type: EnvFileType.dotenv,
outputDir: "./",
parameterPath: "/dev/test-app/news",
profile: "nekochans-dev",
region: AwsRegion.ap_northeast_1
};
await createEnvFile(params);
})();The contents of the created .env are as follows.
sendgrid-api-key=DummySendGridAPIKEY0001
slack-token=DummySlackToken0001
parameterPath and secretIds can be used together.
A description of the parameter
| parameter | description | value |
|---|---|---|
| type | The type of file to output | Enum .env .envrc terraform.tfvars
|
| outputDir | Output path | String |
| secretIds | Your AWS Secrets Manager ID | String[] |
| parameterPath | Your AWS Parameter Store Path | String |
| profile | Your AWS CLI Credentials Name | String |
| region | The region where your AWS Secrets Manager is located | String |
| outputWhitelist | Output Parameters | String[] |
| keyMapping | Key Mapping Object | Object |
| addParams | Additional Parameters | Object |
| outputFilename | Use this when you want to change the output file name | String |
License
MIT