...
The goal of the tutorial is to Add add the environment variables using the environment file present at the git repository and input argument, in the already created Lambda Function. We are going to add secured variables also and to encrypt these variables we are going to use the AWS KMS key. Also we are going to publish the function version with added environment variables. We will have project property added in the deploy workflow and this project property value will be the list of the environment variables which that we are going to provide in the input argument of the environment variables. We can use the dynamic value in both the environment file and input argument, please refer the document to get more details about environment variables' acceptable structure.
configuration of the properties e.g. Cloud account, and CLI path.
cloning the environment files file from a Git repository.
adding the environment variables to the Lamba function.
sample code to retrieve the value of secured environment variables.
...
Checklist | Description |
AWS Access Key | AWS Access Key of the user. |
AWS Secret Key | Password for the Access Key |
AWS Default Region | Default region can be set. eg. ap-south-1 |
AWS CLI installation | AWS CLI needs to be installed where the plugin operation shall run (FlexDeploy server) |
AWS CLI in class path | AWS CLI should be added to the class path on the FlexDeploy Server. Else the path can also be set under FlexDeploy environment level property |
AWS Lambda Function | AWS Lambda Function should be already present. |
AWS KMS Key | AWS KMS key to secured the environment variable. |
Configure Cloud account
To connect with AWS Lambda Function, we required to configure Cloud account, with credentials details. Configure AWS Cloud Account under Integration. FlexDeploy will connect to the Lambda Function and add the environment variables.
...
It should have a AWS Access Key and AWS Secret Key. The user must have relevant access to do the deployment on EKS clusterAWS Lambda Function.
...
AWS Secret Key is a password field and hence needs to be kept hidden. To update the same click on the pencil icon as shown below
Update the AWS Secret Key value under Secret Text. This is to make sure no one else can retrieve the password
...
To access the Lambda Function we need to create an AWS IAM account with required permissions. To create the AWS IAM user navigate to the AWS Identity and Access Management (IAM) service page, and click on the Add users option. Next assign the required permission to access the Lambda Function. Once user is created, AWS secret key can be generated, this key we have to configure in Cloud account.
...