Missing required key 'KeyId' in params

marcy-terui / serverless-crypt

Securing the secrets on Serverless Framework by AWS KMS encryption

https://www.npmjs.com/package/serverless-crypt

MIT License

79 stars 14 forks source link

Missing required key 'KeyId' in params #3

Open Outc4sted opened 7 years ago

Outc4sted commented 7 years ago

This error happens when I attempt to encrypt. The alias for my KMS is PhotoboothConn

service: userApi
provider:
   ...
plugins:
   - serverless-crypt
custom:
   - cryptKeyId: ${env:PhotoboothConn}
functions:
   ...

And the command I run is sls encrypt -n PhotoboothConn -t "postgres://restOfConnectionString" --save

marcy-terui commented 7 years ago

@Outc4sted Thank you for your reporting.

cryptKeyId must be a valid KMS key ID. Does ${env:PhotoboothConn} mean "Using PhotoboothConn environment variable" in Serverless Framework.

Have you set PhotoboothConn environment variable?

Outc4sted commented 7 years ago

I didn't. I thought when I created the KMS it would automatically be set as an environment var for my lambdas. I just tried with pasting my key id in there and that worked, so thanks. Is it okay to make that into an environment var within my serverless.yml or is that something sensitive I don't want in plain text?

marcy-terui commented 7 years ago

Is it okay to make that into an environment var within my serverless.yml or is that something sensitive I don't want in plain text?

I think it is better not to show the ID to others. But, it is not a problem. It's like Account ID in the relationship between Account ID and Password.