Middy ssm middleware
SSM (AWS System Manager Parameter) middleware for the middy framework, the stylish Node.js middleware engine for AWS Lambda
This middleware fetches parameters from AWS Systems Manager Parameter Store.
Parameters to fetch can be defined by path and by name (not mutually exclusive). See AWS docs here.
By default parameters are assigned to the Node.js process.env
object. They can instead be assigned to the function handler's context
object by setting the setToContext
flag to true
. By default all parameters are added with uppercase names.
The Middleware makes a single API request to fetch all the parameters defined by name, but must make an additional request per specified path. This is because the AWS SDK currently doesn't expose a method to retrieve parameters from multiple paths.
For each parameter defined by name, you also provide the name under which its value should be added to process.env
or context
. For each path, you instead provide a prefix, and by default the value from each parameter returned from that path will be added to process.env
or context
with a name equal to what's left of the parameter's full name after the defined path, with the prefix prepended. If the prefix is an empty string, nothing is prepended. You can override this behaviour by providing your own mapping function with the getParamNameFromPath
config option.
Install
To install this middleware you can use NPM:
npm install --save @middy/ssm
Options
-
cache
(boolean) (optional): Defaults tofalse
. Set it totrue
to skip further calls to AWS SSM -
paths
(object) (optional*): Map of SSM paths to fetch parameters from, where the key is the prefix for the destination name, and value is the SSM path. Example:{paths: {DB_: '/dev/service/db'}}
-
cacheExpiryInMillis
(int) (optional): Defaults toundefined
. Use this option to invalidate cached parameter values from SSM -
names
(object) (optional*): Map of parameters to fetch from SSM, where the key is the destination, and value is param name in SSM. Example:{names: {DB_URL: '/dev/service/db_url'}}
-
onChange
(function) (optional): Callback triggered when call was made to SSM. Useful when you need to regenerate something with different data. Example:{ onChange: () => { console.log('New data available')} }
-
awsSdkOptions
(object) (optional): Options to pass to AWS.SSM class constructor. -
awsSdkInstance
(object) (optional): an alternative instance of AWS.SSM to use (e.g. that has been instrumented with AWS XRay) Defaults to{ maxRetries: 6, retryDelayOptions: {base: 200} }
-
setToContext
(boolean) (optional): This will assign parameters to thecontext
object of the function handler rather than toprocess.env
. Defaults tofalse
-
throwOnFailedCall
(boolean) (optional): Defaults tofalse
. Set it totrue
if you want your lambda to fail in case call to AWS SSM fails (parameters don't exist or internal error). It will only print error if parameters are not already cached.
NOTES:
- While you don't need both
paths
andnames
, you do need at least one of them! - Lambda is required to have IAM permissions for
ssm:GetParameters*
actions -
aws-sdk
version of2.176.0
or greater is required. If your project doesn't currently useaws-sdk
, you may need to install it as adevDependency
in order to run tests
Sample usage
const middy = require('@middy/core')
const ssm = require('@middy/ssm')
const handler = middy((event, context, cb) => {
cb(null, {})
})
handler.use(ssm({
cache: true,
paths: {
SOME_PREFIX_: '/dev/db'
},
names: {
SOME_ACCESS_TOKEN: '/dev/service_name/access_token'
}
}))
// Before running the function handler, the middleware will fetch SSM params
handler(event, context, (_, response) => {
expect(process.env.SOME_PREFIX_CONNECTION_STRING).toEqual('some-connection-string') // The '/dev/db' path contains the CONNECTION_STRING parameter
expect(process.env.SOME_ACCESS_TOKEN).toEqual('some-access-token')
})
Export parameters to context object, override AWS region.
const middy = require('middy')
const { ssm } = require('middy/middlewares')
const handler = middy((event, context, cb) => {
cb(null, {})
})
handler.use(
ssm({
cache: true,
names: {
SOME_ACCESS_TOKEN: '/dev/service_name/access_token'
},
awsSdkOptions: { region: 'us-west-1' },
setToContext: true
})
)
handler(event, context, (_, response) => {
expect(context.SOME_ACCESS_TOKEN).toEqual('some-access-token')
})
Middy documentation and examples
For more documentation and examples, refers to the main Middy monorepo on GitHub or Middy official website.
Contributing
Everyone is very welcome to contribute to this repository. Feel free to raise issues or to submit Pull Requests.
License
Licensed under MIT License. Copyright (c) 2017-2018 Luciano Mammino and the Middy team.