Skip to content

Commit

Permalink
plat-1798 - set env vars for AWS creds from cached credentials in inv…
Browse files Browse the repository at this point in the history 
…oke local

this allows for use of credentials provided by a deploy profile in the
serverless dashboard
  • Loading branch information
@dschep
dschep committed Nov 7, 2019
1 parent 801539a commit ae36c25
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 1 deletion.
10 changes: 9 additions & 1 deletion lib/plugins/aws/invokeLocal/index.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -128,6 +128,14 @@ class AwsInvokeLocal {
NODE_PATH: '/var/runtime:/var/task:/var/runtime/node_modules',
};

const credentialEnvVars = this.provider.cachedCredentials
? {
AWS_ACCESS_KEY_ID: this.provider.cachedCredentials.accessKeyId,
AWS_SECRET_ACCESS_KEY: this.provider.cachedCredentials.secretAccessKey,
AWS_SESSION_TOKEN: this.provider.cachedCredentials.sessionToken,
}
: {};

// profile override from config
const profileOverride = this.provider.getProfile();
if (profileOverride) {
Expand All @@ -136,7 +144,7 @@ class AwsInvokeLocal {

const configuredEnvVars = this.getConfiguredEnvVars();

_.merge(process.env, lambdaDefaultEnvVars, configuredEnvVars);
_.merge(process.env, lambdaDefaultEnvVars, credentialEnvVars, configuredEnvVars);

return BbPromise.resolve();
}
Expand Down
12 changes: 12 additions & 0 deletions lib/plugins/aws/invokeLocal/index.test.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -327,6 +327,18 @@ describe('AwsInvokeLocal', () => {
expect(process.env.NODE_PATH).to.equal('/var/runtime:/var/task:/var/runtime/node_modules');
}));

it('it should set credential env vars', () => {
provider.cachedCredentials.accessKeyId = 'ID';
provider.cachedCredentials.secretAccessKey = 'SECRET';
provider.cachedCredentials.sessionToken = 'TOKEN';

return awsInvokeLocal.loadEnvVars().then(() => {
expect(process.env.AWS_ACCESS_KEY_ID).to.equal('ID');
expect(process.env.AWS_SECRET_ACCESS_KEY).to.equal('SECRET');
expect(process.env.AWS_SESSION_TOKEN).to.equal('TOKEN');
});
});

it('should fallback to service provider configuration when options are not available', () => {
awsInvokeLocal.provider.options.region = null;
awsInvokeLocal.serverless.service.provider.region = 'us-west-1';
Expand Down

0 comments on commit ae36c25

Please sign in to comment.