Serverless Environment Variables Usage
This example demonstrates how to use environment variables for AWS Lambdas.
Use-cases
- Provide settings as environment variables to your Lambda functions
How it works
The first time you create or update Lambda functions that use environment variables in a region, a default service key is created for you automatically within AWS KMS. This key is used to encrypt environment variables.
When you create or update Lambda functions that use environment variables, AWS Lambda encrypts them using the AWS Key Management Service. When your Lambda function is invoked, those values are decrypted and made available to the Lambda code. Read more in the official AWS docs.
Setup
None needed.
Deploy
In order to deploy the you endpoint simply run
serverless deployThe expected result should be similar to:
Serverless: Creating Stack…Serverless: Checking Stack create progress….....Serverless: Stack create finished…Serverless: Packaging service…Serverless: Uploading CloudFormation file to S3…Serverless: Uploading service .zip file to S3…Serverless: Updating Stack…Serverless: Checking Stack update progress…................Serverless: Stack update finished…Service Informationservice: function-with-environment-variablesstage: devregion: us-east-1api keys: Noneendpoints: Nonefunctions: function-with-environment-variables-dev-resetPassword: arn:aws:lambda:us-east-1:377024778620:function:function-with-environment-variables-dev-resetPassword function-with-environment-variables-dev-createUser: arn:aws:lambda:us-east-1:377024778620:function:function-with-environment-variables-dev-createUserUsage
You can now invoke each of the Lambdas directly and print their log statements via
serverless invoke --function=createUser --logThe expected result should be similar to:
{ "statusCode": 200, "body": "{\"message\":\"User created\"}"}--------------------------------------------------------------------START RequestId: 78b0785d-afd3-11e6-85a7abb1cd48ef Version: $LATEST2021 11:15:48.575 (+01:00) 78b0785d-afd3-11e6-85a7abb1cd48ef PASSWORD_ITERATIONS: 40962021 11:15:48.576 (+01:00) 78b0785d-afd3-11e6-85a7abb1cd48ef PASSWORD_DERIVED_KEY_LENGTH: 2562021 11:15:48.576 (+01:00) 78b0785d-afd3-11e6-85a7abb1cd48ef EMAIL_SERVICE_API_KEY: KEYEXAMPLE1234END RequestId: 78b0785d-afd3-11e6-85a7abb1cd48efREPORT RequestId: 78b0785d-afd3-11e6-85a7abb1cd48ef Duration: 3.36 ms Billed Duration: 100 ms Memory Size: 1024 MB Max Memory Used: 15 MBserverless invoke --function=resetPassword --logThe expected result should be similar to:
{ "statusCode": 200, "body": "{\"message\":\"Password sent.\"}"}--------------------------------------------------------------------START RequestId: 9cc33dafd3-11e6-b919a4e146bf3d Version: $LATEST2021 11:16:48.838 (+01:00) 9cc33dafd3-11e6-b919a4e146bf3d EMAIL_SERVICE_API_KEY: KEYEXAMPLE1234END RequestId: 9cc33dafd3-11e6-b919a4e146bf3dREPORT RequestId: 9cc33dafd3-11e6-b919a4e146bf3d Duration: 3.14 ms Billed Duration: 100 ms Memory Size: 1024 MB Max Memory Used: 15 MBEspecially helpful for local development you can also invoke the Lambda locally and see the resulting log via
serverless invoke local --function=createUser --logThe expected result should be similar to:
PASSWORD_ITERATIONS: 4096PASSWORD_DERIVED_KEY_LENGTH: 256EMAIL_SERVICE_API_KEY: KEYEXAMPLE1234{ "statusCode": 200, "body": "{\"message\":\"User created\"}"}