Touch AWS Lambda environment variable support

Try using AWS Lambda environment variable support immediately

It's a feature you've been waiting for. Click here for Lambda's environment variable support article (https://aws.amazon.com/jp/blogs/aws/new-for-aws-lambda-environment-variables-and-serverless-application-model/) This makes the coding part such as the difference between the development and commercial setting environment convenient. Personally, I think it's also useful to not have to hard-code the log output level flag for debugging or the connection information.

Environment variable name constraints

There is no limit to the number, Total 4KB Must start with an alphabet, a-zA-z0-9_, so the symbol can only be "_"

There is also a reserved name, so the following Key names cannot be used AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN AWS_ACCESS_KEY AWS_SECRET_KEY AWS_SECURITY_TOKEN AWS_DEFAULT_REGION AWS_REGION AWS_LAMBDA_LOG_GROUP_NAME AWS_LAMBDA_LOG_STREAM_NAME AWS_LAMBDA_FUNCTION_NAME AWS_LAMBDA_FUNCTION_MEMORY_SIZE AWS_LAMBDA_FUNCTION_VERSION LAMBDA_TASK_ROOT LAMBDA_RUNTIME_DIR

Please be sure to check Official for the latest information.

Setting environment variables

Set with KeyValue.

From the GUI, the environment variable part is added under the code editor. For the time being, try setting "env" for Key and "prd" for Value.

From the CLI, refer to the setting up of here.

It is a flow until acquisition for the time being

Obviously, it can be taken as an environment variable. .. Sample in python

just_print.py

import os

def lambda_handler(event, context):
    # TODO implement

    print '---all env value---'    
    for i in os.environ.items():
        print i

    print '---get target---'            
    print os.environ['env']
    
    return
    

result

---all env value---
('AWS_LAMBDA_FUNCTION_VERSION', '$LATEST')
('LAMBDA_TASK_ROOT', '/var/task')
('PATH', '/usr/local/bin:/usr/bin/:/bin')
('LD_LIBRARY_PATH', '/lib64:/usr/lib64:/var/runtime:/var/runtime/lib:/var/task:/var/task/lib')
('LANG', 'en_US.UTF-8')
('AWS_LAMBDA_FUNCTION_NAME', 'Just_print_event')
('AWS_REGION', 'us-west-2')
('AWS_SESSION_TOKEN', 'xxxxx')
('AWS_SECURITY_TOKEN', 'xxxxxxx')
('LAMBDA_RUNTIME_DIR', '/var/runtime')
('AWS_LAMBDA_FUNCTION_MEMORY_SIZE', '128')
('env', 'prd')
('PYTHONPATH', '/var/runtime')
('AWS_LAMBDA_LOG_GROUP_NAME', '/aws/lambda/Just_print_event')
('AWS_LAMBDA_LOG_STREAM_NAME', '2016/11/19/[$LATEST]')
('AWS_ACCESS_KEY_ID', 'xxxxxxxxxxxxxxxxxxxxxxxxx')
('AWS_DEFAULT_REGION', 'us-west-2')
('AWS_SECRET_ACCESS_KEY', 'xxxxxxxxxxxxxxxxxxxxxx')
---get target---
prd

Notes

It is recommended not to put confidential information such as connection password to DB in plain text. Let's consider encryption processing using KMS etc.!

Storing Sensitive Information

For sensitive information, such as database passwords, we recommend you use client-side encryption using AWS Key Management Service and store the resulting values as Ciphertext in your environment variable. You will need to include logic in your Lambda function code to decrypt these values.

Disclaimer

This post is an individual opinion and is not related to the company or organization to which it belongs. In addition, we do not guarantee the operation of the sample program posted, so please use it as a reference only.