Invoking the Lambda function via AWS Console or AWS CLI to create a request to the Secrets Manager to either retrieve or update the Secret Value.
NOTE: When the stack is being deployed, please remember that it will automatically generate a default secret value if not initialized.
- Go to Lambda → Lambda Function → Test tab
- Update the Event JSON textarea field (see sample payload)
- Click on the Test button in the upper right corner
-
Use the following command and replace the placeholder
lambda_function_namewith the actual Lambda function nameaws lambda invoke \ --function-name lambda_function_name \ --payload '{"action": "update", "secret": {"username": "john.doe", "password": "john.doe.123", "email": "john.doe@email.com"}}' \ --cli-binary-format raw-in-base64-out \ response.json
-
Updating Secret Value
{ "action": "update", "secret": { "username": "john.doe", "password": "john.doe.123", "email": "john.doe@email.com" } } -
Retrieving Secret Value
{ "action": "get" }
- Securely retrieving secrets with AWS Lambda
- Use AWS Secrets Manager secrets in AWS Lambda functions
- Best practices for designing and using partition keys effectively
npm run buildcompile typescript to jsnpm run watchwatch for changes and compilenpm run testperform the jest unit testscdk deploydeploy this stack to your default AWS account/regioncdk diffcompare deployed stack with current statecdk synthemits the synthesized CloudFormation template
-
Install all the dependencies, bootstrap your project, and synthesized CloudFormation template.
# Without passing "profile" parameter dev@dev:~:aws-cdk-samples/lambda/lambda-secretsmanager$ make init # With "profile" parameter dev@dev:~:aws-cdk-samples/lambda/lambda-secretsmanager$ make init profile=[profile_name]
-
Deploy the project.
# Without passing "profile" parameter dev@dev:~:aws-cdk-samples/lambda/lambda-secretsmanager$ make deploy # With "profile" parameter dev@dev:~:aws-cdk-samples/lambda/lambda-secretsmanager$ make deploy profile=[profile_name]