...
The goal of the tutorial is to add the environment variables, using the environment file present at the git repository and input argument, in the already created Lambda Function. We are going to and also publish the function version. We will also add secured variables also and to encrypt these variables we are going to use the AWS KMS key. Also we are going to publish the function version with added environment variables. We will have project property added in the deploy workflow and this project property value will be contain the list of the environment variables that we are going to provide use in the workflow input argument of the environment variables. We can use the dynamic value in both the environment file and input argument, please refer to the document to get more details about environment variables' acceptable structure.
configuration of the properties e.g. Cloud account, and CLI path.
cloning the environment file from a Git repository.
adding the environment variables to the Lamba function.
sample code to retrieve the value of secured environment variables.
...
Detail of the KMS key which we are using for this tutorial:
...
We can use Key ID or Key ARN value in the project to encrypt the variables, both are accepted.
...
Git Repository Structure
The Git repository contains the Environment file.The , Sample Git repository structure is given below.
...
...
Environment Variable File Structure
This is the example of environment file with json structure, please refer the document to get more details about environment variables' acceptable structure.
...
Pre-requisite
Configure IAM User
...
Step-ii: Copy the environment file
The below step will copy the environment file to the artifact. Also check the Produces Artifact option to save the files as artifact so that can be used from Deploy workflow.
...
Below given is a sample build deploy workflow to add the environment variable to the AWS Lambda function.
...
Environment Variable File Path: Path of the file which contains list of the environment variables. Please refer to the document for more details about Lambda function name and Environment Variable File path . AWS Lambda - Environment Variable File and zip File location options
KMS detail: AWS KMS key is required to encrypt the secured variables before adding them to Lambda function. If we don’t have any secured variables in that case we don’t required to configure KMS key detail in the project. In our scenario we are adding both secured and non-secured variables to the Lambda function. Key Id or Key ARN details, both are accepted. Please refer to the document for more details. https://docs.aws.amazon.com/kms/latest/developerguide/overview.html
...
AWS CLI path can be set as environment property, if it’s not set then by default plugin will check for CLI in system classpath.
...
Override
...
Properties at Project
...
Level
Let assume a scenario, where we want to change Cloud account for any specific project. Apart from setting at environment level, it can also be set at project properties by using Override Property. Please check below mentioned steps.
...
And we have selected the publish version option from the workflow so we can verify the published function version, from the plugin output and AWS Lambda console.
...
Sample
...
Code to
...
Retrieve the
...
Secured Variables
We have also added some non-secured variables ( Password and Mysql_Connection_String ) to the Lambda Function and to encrypt these variables we have used AWS KMS key, to get the values of secured variables we can use the sample code provided by AWS Lambda according to the Function code language. In our case we are using java script, below is the sample code to get the value of secured and non-secured variables and creating the response to print the values.
...