Categorygithub.com/nguyengg/go-aws-commons/lambdagetenv
package
0.1.9
Repository: https://github.com/nguyengg/go-aws-commons.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
8
Dependents
0
Files
188 SLOC

# README

Decouple how to retrieve a variable of any type (usually string or binary)

In Lambda, more often than not you would use environment variables to configure the runtime. You may also want to retrieve from Parameter Store or Secrets Manager instead if you have credentials or secrets. This module provides an abstract to decouple usage of an environment from how it is retrieved.

package main

import (
	"context"
	"crypto/hmac"
	"crypto/sha256"
	"log"

	"github.com/aws/aws-sdk-go-v2/aws"
	"github.com/aws/aws-sdk-go-v2/service/secretsmanager"
	"github.com/aws/aws-sdk-go-v2/service/ssm"
	"github.com/nguyengg/go-aws-commons/lambda/getenv"
)

func main() {
	// while prototyping, you can retrieve from environment variable
	// r is the string value from environment variable named TEST
	v := getenv.Env("TEST")
	r := v.MustGet()
	log.Printf("%s (%T)", r, r) // r is a string

	// now you want to retrieve from Parameter Store using the AWS Parameter Store and Secrets Lambda extension
	// (available since we're running in Lambda) instead.
	v = getenv.ParameterString(&ssm.GetParameterInput{
		Name:           aws.String("my-parameter-name"),
		WithDecryption: aws.Bool(true),
	})
	r, err := v.GetWithContext(context.Background())
	log.Printf("%s (%T)", r, r) // r is a string

	// if you need to retrieve some binary key from Secrets Manager using the AWS Parameter Store and Secrets Lambda
	// extension (available since we're running in Lambda).
	// in this example, the key is retrieved and then used as secret key for HMAC verification.
	key := getenv.SecretBinary(&secretsmanager.GetSecretValueInput{
		SecretId:     aws.String("my-secret-id"),
		VersionId:    nil,
		VersionStage: nil,
	})
	h := hmac.New(sha256.New, key.MustGetWithContext(context.Background()))
	h.Write( /* some data */ )
	h.Sum(nil)
}

# Functions

DefaultSecretStringDecoder attempts to decode the string first with base64.RawStdEncoding, then with hex.DecodeString, and as a fallback, converts the string to []byte.
Env calls os.Getenv and returns that value in subsequent calls.
EnvAs calls os.Getenv, decodes with m, then returns that value in subsequent calls.
Getenv calls os.Getenv on every invocation and returns its value.
GetenvAs calls os.Getenv on every invocation, decodes with m, and returns its value.
Map provides a way to transform the original variable into another type.
ParameterAs creates a Parameter Store Variable of type T that retrieves from the AWS Parameter and Secrets Lambda extension.
ParameterBinary creates a ParameterAs Store binary Variable that retrieves from the AWS Parameter and Secrets Lambda extension.
ParameterString creates a string Parameter Store Variable that retrieves from the AWS Parameter and Secrets Lambda extension.
SecretAs creates a Secrets Manager Variable of type T that retrieves from the AWS Parameter and Secrets Lambda extension.
SecretBinary creates a binary Secrets Manager Variable that retrieves from the AWS Parameter and Secrets Lambda extension.
SecretBinaryWithDecoder creates a binary Secrets Manager Variable that retrieves from the AWS Parameter and Secrets Lambda extension.
SecretString creates a string Secrets Manager Variable that retrieves from the AWS Parameter and Secrets Lambda extension.
WithBase64Encoding can be used to automatically base64-decode the variable.

# Interfaces

Variable defines ways to retrieve a variable.