3

Can anyone provide a simple, complete node.js lambda function where I can get a secret from secrets manager and use it? I am struggling with the async/await process. I have already tried several suggestions from other posts, but all of them, at the end, can't really use the secret in the main function. For example, I have a main function and call a second function to retrieve the secret:

xxx = retrieve_secret('mysecret');

Then, in the retrieve_secret function I am able to retrieve the secret, I can print it using console.log, but when I try to use it in the main function, it says "Promise ".

Please, help. Thanks in advance!

2
  • Sounds like adding an await would solve that. So xxx = await retrieve_secret('mysecret'); This makes the function where that line is asynchronous, so it requires the async keyword. Commented May 11, 2020 at 19:58
  • Right. I tried it. But it didn't work. It seems to be a little more complicated because inside the retrieve_secret function we need to call the secrets api (client.getSecretValue), so should this one also be async? I tried several things, following several articles, but none of them address it completely. Commented May 11, 2020 at 20:10

2 Answers

9

So, after a few days working on it, I was finally able to solve it :) Here is the code that worked for me:

exports.handler = async (event, context, callback) => {

   // Get Secret
   var AWS       = require('aws-sdk');
   var MyPromise = new AWS.SecretsManager();

   var Vsecret   = await MyPromise.getSecretValue({
      SecretId: 'enter-the-secret-id-here'
      }).promise();

   var MyOpenSecret = JSON.parse(Vsecret.SecretString);

   // From here, we can use the secret:
   var Vhost     = MyOpenSecret.host;
   var Vuser     = MyOpenSecret.username;
   var Vpassword = MyOpenSecret.password; 
   var Vdatabase = .....
};

0

Looking at your question, it seems you are not able to read the response from the retrieve_secret('mysecret') method; as you mentioned, it returns a promise. You can read it by using .then() after the promise. Try doing this:

xxx.then(res => {
    console.log(res)
})

Or here is the code to get your secret details:

import AWS from "aws-sdk";

// Wraps the callback-style getSecretValue call in a Promise.
function getSecretValue(secretName: string): Promise<string> {
    const client = new AWS.SecretsManager({
        region: '',
        accessKeyId: '',
        secretAccessKey: '',
    });
    const secretId = "secretName";
    return new Promise((resolve, reject) =>
        client.getSecretValue({ SecretId: secretId }, (err, data) => {
            if (err) {
                reject(err);
            } else {
                resolve(data.SecretString);
            }
        })
    );
}

4 Comments

Hi Abhishek, thanks for your answer. I have 2 questions: 1) For the example you gave with xxx - will the secret value return to xxx variable? If I do console.log(xxx), I will see the secret? 2) Sorry but I am just a beginner with node.js - I just copied/pasted your code, and it says "unexpected token". Do I need to replace something? Is this a function? How do I pass the secret name which I want to retrieve to this function? Thanks!
Also: Tried to implement the xxx.then, and received the following error: "errorMessage": "xxx.then is not a function",
xxx = retrieve_secret('mysecret'); xxx is the name of the variable to which you have assigned your retrieve_secret('mysecret') function. If you are using my code, then give details of "region", "accessKeyId", "secretAccessKey". Also, in place of "secretName", give the name of your secret.
But why would we need to provide "accessKeyId" and "secretAccessKey" if we are running it from lambda? The lambda function already has the required permissions in the role attached. At least, for other services than secrets, I don't need to provide it.
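
The pattern both answers are working toward, as an added example that is not part of the original posts: the lookup is awaited inside an async handler, no static keys are passed because the Lambda execution role supplies credentials, and the parsed secret is cached across warm invocations. It assumes aws-sdk v2 and a JSON secret; `createSecretReader`, `ttlMs` and the injected `client` are hypothetical names, chosen so the logic can be exercised offline with a stub.

```javascript
// Added example; aws-sdk v2 call shape as used in the answers above.
// createSecretReader and ttlMs are hypothetical names, not an AWS API.
function createSecretReader(client, ttlMs = 5 * 60 * 1000) {
  const cache = new Map(); // SecretId -> { expires, promise }

  // Returns a Promise: callers must `await` it (or use .then()).
  return function getSecret(secretId) {
    const hit = cache.get(secretId);
    if (hit && hit.expires > Date.now()) return hit.promise;

    const promise = client
      .getSecretValue({ SecretId: secretId })
      .promise()
      .then((data) => {
        if (typeof data.SecretString !== 'string') {
          throw new Error('secret has no SecretString (binary secret?)');
        }
        return JSON.parse(data.SecretString);
      })
      .catch((err) => {
        cache.delete(secretId); // never cache a failed lookup
        throw err;
      });

    cache.set(secretId, { expires: Date.now() + ttlMs, promise });
    return promise;
  };
}

let getSecret; // module scope: survives across warm Lambda invocations

async function handler(event) {
  if (!getSecret) {
    // No accessKeyId/secretAccessKey here: inside Lambda the SDK uses the
    // execution role's temporary credentials and the function's region.
    const AWS = require('aws-sdk');
    getSecret = createSecretReader(new AWS.SecretsManager());
  }
  const secret = await getSecret('enter-the-secret-id-here');
  // Use secret.host / secret.username / secret.password to connect.
  // Do not console.log(secret) or return it: both end up in logs/responses.
  return { statusCode: 200, hostConfigured: Boolean(secret.host) };
}

if (typeof module !== 'undefined') module.exports = { handler };
```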
