I want to add environment variable with lambda while pushing from bitbucket. How we can achieve the same using
Please let me know, if there is a way to attach enviornment variable with lambda once they are pushed
@Ashish Awasthifirstly, you need to create your lambda or update the lambda with environment variable. The only way I know - it can be done via sam template.
You can do this with sam deploy pipe. See example how to do this with sam deploy https://bitbucket.org/atlassian/aws-lambda-deploy/src/aa574370ffafa6bb2ede25ac37a5e6936cdafa05/bitbucket-pipelines.yml#lines-28 .
For this pipe you will provide sam template, where you mention variables section and put there variables you will need.
Here I provide with docs that you may need to do this in aws:
- https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/sam-specification-template-anatomy-globals.html - first example is that how you pass lambda environment variables to the template.yaml . You can go basically with this doc and use basic examples from sam-deploy pipe https://bitbucket.org/atlassian/aws-sam-deploy/src/master/README.md
- BUT If you do not want to expose your environment variables (e.g., they are sensitive) in Bitbucket Cloud - use AWS embedded parameters for that ( https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/parameters-section-structure.html ) like here:
Parameters:
TableName:
Type: String
......
your other setting for your lambda function
......
Globals:
Function:
Runtime: nodejs12.x
Timeout: 180
Handler: ...
Environment: <---- your env variables
Variables:
TABLE_NAME: !Ref TableName <----- here you refer to parameters
and our STACK_PARAMETERS advanced example , when using sam-deploy pipe.
Precisely, you will need advanced example with STACK_PARAMETERS in Advanced examples section (https://bitbucket.org/atlassian/aws-sam-deploy/src/master/README.md ) :
script: - pipe: atlassian/aws-sam-deploy:1.1.0 variables: AWS_ACCESS_KEY_ID: $AWS_ID AWS_SECRET_ACCESS_KEY: $AWS_KEY AWS_DEFAULT_REGION: 'us-east-1' S3_BUCKET: 'my-s3-bucket' STACK_NAME: 'my-stack-name' SAM_TEMPLATE: 'sam_template.yaml' <------ your template yaml CAPABILITIES: ['CAPABILITY_AUTO_EXPAND'] STACK_PARAMETERS: > [{ "ParameterKey": "TableName
",
"ParameterValue": ${YOUR_SECRET_ENIRONMENT_VARIABLE} <----- your secured var here
}]
I will repeat, If you don't actually need secret environment vars to pass, you can just hardcode environment variable in Environment section and not use Parameters tool.
But we recommend the safer and more flexible way to be able to secure your lambda environment.
After executing sam-deploy pipe with such template environment variable, lambda function should be created or updated with mentioned environment variables in the template.
Hope , this explanation is not too vague.
But anyway contact us in the case of more questions or if something did not work.
Regards, Galyna
So we can pass it securely as parameters inside cloudformation stack right?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.