It's a feature you've been waiting for. Click here for Lambda's environment variable support article (https://aws.amazon.com/jp/blogs/aws/new-for-aws-lambda-environment-variables-and-serverless-application-model/) This makes the coding part such as the difference between the development and commercial setting environment convenient. Personally, I think it's also useful to not have to hard-code the log output level flag for debugging or the connection information.
There is no limit to the number, Total 4KB Must start with an alphabet, a-zA-z0-9_, so the symbol can only be "_"
There is also a reserved name, so the following Key names cannot be used AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN AWS_ACCESS_KEY AWS_SECRET_KEY AWS_SECURITY_TOKEN AWS_DEFAULT_REGION AWS_REGION AWS_LAMBDA_LOG_GROUP_NAME AWS_LAMBDA_LOG_STREAM_NAME AWS_LAMBDA_FUNCTION_NAME AWS_LAMBDA_FUNCTION_MEMORY_SIZE AWS_LAMBDA_FUNCTION_VERSION LAMBDA_TASK_ROOT LAMBDA_RUNTIME_DIR
Please be sure to check Official for the latest information.
Set with KeyValue.
From the GUI, the environment variable part is added under the code editor. For the time being, try setting "env" for Key and "prd" for Value.
From the CLI, refer to the setting up of here.
Obviously, it can be taken as an environment variable. .. Sample in python
just_print.py
import os
def lambda_handler(event, context):
# TODO implement
print '---all env value---'
for i in os.environ.items():
print i
print '---get target---'
print os.environ['env']
return
---all env value---
('AWS_LAMBDA_FUNCTION_VERSION', '$LATEST')
('LAMBDA_TASK_ROOT', '/var/task')
('PATH', '/usr/local/bin:/usr/bin/:/bin')
('LD_LIBRARY_PATH', '/lib64:/usr/lib64:/var/runtime:/var/runtime/lib:/var/task:/var/task/lib')
('LANG', 'en_US.UTF-8')
('AWS_LAMBDA_FUNCTION_NAME', 'Just_print_event')
('AWS_REGION', 'us-west-2')
('AWS_SESSION_TOKEN', 'xxxxx')
('AWS_SECURITY_TOKEN', 'xxxxxxx')
('LAMBDA_RUNTIME_DIR', '/var/runtime')
('AWS_LAMBDA_FUNCTION_MEMORY_SIZE', '128')
('env', 'prd')
('PYTHONPATH', '/var/runtime')
('AWS_LAMBDA_LOG_GROUP_NAME', '/aws/lambda/Just_print_event')
('AWS_LAMBDA_LOG_STREAM_NAME', '2016/11/19/[$LATEST]')
('AWS_ACCESS_KEY_ID', 'xxxxxxxxxxxxxxxxxxxxxxxxx')
('AWS_DEFAULT_REGION', 'us-west-2')
('AWS_SECRET_ACCESS_KEY', 'xxxxxxxxxxxxxxxxxxxxxx')
---get target---
prd
It is recommended not to put confidential information such as connection password to DB in plain text. Let's consider encryption processing using KMS etc.!
Storing Sensitive Information
For sensitive information, such as database passwords, we recommend you use client-side encryption using AWS Key Management Service and store the resulting values as Ciphertext in your environment variable. You will need to include logic in your Lambda function code to decrypt these values.
This post is an individual opinion and is not related to the company or organization to which it belongs. In addition, we do not guarantee the operation of the sample program posted, so please use it as a reference only.
Recommended Posts