Introduction
In this tutorial, we will learn how to integrate AWS Secrets Manager with Node.js app. AWS Secrets Manager is a service that allows you to securely store and manage sensitive data, such as passwords, API keys, and database connection strings. Node.js is a JavaScript runtime environment that allows you to build scalable web applications.
What is AWS Secrets Manager?
AWS Secrets Manager is a service that allows you to securely store and manage sensitive data, such as passwords, API keys, and database connection strings. Secrets Manager provides a central place to store your secrets, allowing you to rotate them regularly to help prevent security breaches.
Integrating AWS Secrets Manager with Node.js App
To integrate AWS Secrets Manager with Node.js app, you will need to create a new secret in Secrets Manager and then store the secret value in your Node.js app.
To create a new secret in Secrets Manager, follow these steps:
- Go to the AWS Secrets Manager console.
- Click the “Create Secret” button.
- Enter a name for your secret.
- Select the “Secure String” type.
- Enter the secret value.
- Click the “Create” button.
Once you have created a secret, you can store the secret value in your Node.js app using the @aws-sdk/client-secrets-manager library. The @aws-sdk/client-secrets-manager library is a Node.js library that allows you to access secrets stored in AWS Secrets Manager.
To install the @aws-sdk/client-secrets-manager library, run the following command in your existing project:
yarn add @aws-sdk/client-secrets-manager
After installing the package above, create a file named secret_provider.js (you can name it anything) and put the following code in that file.
const {
SecretsManagerClient,
GetSecretValueCommand,
} = require(‘@aws-sdk/client-secrets-manager’);
require(‘dotenv’).config();
const secret_name = ‘stripe_config’;
const accessKeyId = process.env.ACCESS_KEY_ID;
const secretAccessKey = process.env.SECRET_ACCESS_KEY;
Access key id and secret access key you can create in aws console IAM service, after creating a user you can create an access key.
const client = new SecretsManagerClient({
region: ‘us-east-2’,
credentials: {
accessKeyId,
secretAccessKey,
},
});
async function getStripeSecret() {
try {
const response = await client.send(
new GetSecretValueCommand({
SecretId: secret_name,
VersionStage: ‘AWSCURRENT’,
})
);
console.log(response.SecretString);
return response;
} catch (error) {
console.log(error);
}
}
module.exports = getStripeSecret;
The async function getStripeSecret retrieves a secret from AWS using client.send. It logs the secret string if successful, or logs errors if they occur during retrieval.
Conclusion
I hope you have understood the process of seamlessly integrating AWS Secrets Manager into a Node.js application. It began by crafting a new secret within Secrets Manager, followed by the strategic encapsulation of the secret value within our Node.js application. This dynamic integration enables our application to securely access sensitive information, exemplifying robust security practices. Through this tutorial, we’ve gained the prowess to harmoniously combine the power of AWS Secrets Manager and Node.js, safeguarding our application’s confidentiality and reinforcing our proficiency in the realm of modern application development.
Author: Zahid (software developer at ICS)
If you are looking for any help to set up DevOps process or want to seamlessly integrate cloud services into your backend, Do reach out to us at sales@inaraconsultancy.com.
We are only an email away!!
Leave a Reply