Open yuvadm opened 1 month ago
Maybe use AWS Systems Manager and then fetch at runtime as a best practice, and a secure solution
@AmirFone interesting proposal, but right now I'm using a very lean deployment of Lambda/Chalice and would prefer a solution that does not involve any additional AWS products that will bloat my deployment.
Documentation states that all environment variables, global or per-stage, should be set in
.chalice/config.json
.However, assuming
config.json
is committed to source control, this is a bad practice that commit secrets to a shared project.Setting environment variables directly through the AWS Lambda web UI is a non-solution since they will be deleted / overridden on the next
chalice deploy
.What's the best way to store env vars in a secure way that also allows committing
config.json
to source control?