I am trying to develop an AWS Serverless API project using API Gateway and Lambda functions. I am using the SAM model provided by AWS and Visual Studio's AWS Serverless project template, which includes a CloudFormation template too.
I do not want to store DB information in a configuration file for security reasons. I would like to know how I can use AWS Secrets Manager to get DB connection information in a Lambda function at run-time.
A code sample would be a great help, as I could only find Python examples using Boto3; .NET Core samples or explanations for serverless API and Lambda are not that widely available on the internet, I guess. Any help or clue would be appreciated.
Thanks.
[Approach 1]
You may use dynamic referencing in CloudFormation as follows:
Example of dynamic referencing with DB:
This approach is simple, yet it will need redeploys on credential updates.
[Approach 2]
Alternatively, you may pass the Secrets Manager variable names in the environment variables and then use those names to retrieve the values.
Add the NuGet package for SecretsManager. Write a class for querying:
Use the class as follows:
Please refer to this article for more details.
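
The run-time lookup that Approach 2 describes, as an added example that is not part of the original answer or the linked article. It uses the AWSSDK.SecretsManager package; the class name `DbSecretProvider`, the environment variable `DB_SECRET_NAME`, the 5-minute cache and the connection-string keywords are assumptions, and the secret is assumed to be JSON with `host`, `port`, `dbname`, `username` and `password` keys.

```csharp
using System;
using System.Data.Common;
using System.Text.Json;
using System.Threading.Tasks;
using Amazon.SecretsManager;
using Amazon.SecretsManager.Model;

// Added example: hypothetical helper, not the answer's own class.
public class DbSecretProvider
{
    private static readonly TimeSpan CacheTtl = TimeSpan.FromMinutes(5); // assumed TTL
    private readonly IAmazonSecretsManager _client;
    private readonly string _secretId;
    private string _connectionString;
    private DateTime _expiresUtc = DateTime.MinValue;

    public DbSecretProvider(IAmazonSecretsManager client = null)
    {
        _client = client ?? new AmazonSecretsManagerClient();
        // Assumed variable name; it holds only the secret's name or ARN, never credentials.
        _secretId = Environment.GetEnvironmentVariable("DB_SECRET_NAME")
            ?? throw new InvalidOperationException("DB_SECRET_NAME is not set");
    }

    // Call after a login failure so a rotated password is fetched again.
    public void Invalidate() => _expiresUtc = DateTime.MinValue;

    public async Task<string> GetConnectionStringAsync()
    {
        // Reuse the value across warm invocations instead of calling the API every time.
        if (_connectionString != null && DateTime.UtcNow < _expiresUtc) return _connectionString;

        var request = new GetSecretValueRequest { SecretId = _secretId };
        var response = await _client.GetSecretValueAsync(request);
        if (string.IsNullOrEmpty(response.SecretString))
            throw new InvalidOperationException("Secret has no SecretString value");

        using var doc = JsonDocument.Parse(response.SecretString);
        var secret = doc.RootElement;
        // The builder quotes values, so a ';' in the password cannot add extra keywords.
        var builder = new DbConnectionStringBuilder
        {
            ["Server"] = secret.GetProperty("host").GetString(),
            ["Port"] = secret.GetProperty("port").ToString(), // stored as number or string
            ["Database"] = secret.GetProperty("dbname").GetString(),
            ["User Id"] = secret.GetProperty("username").GetString(),
            ["Password"] = secret.GetProperty("password").GetString()
        };
        _connectionString = builder.ConnectionString;
        _expiresUtc = DateTime.UtcNow + CacheTtl;
        return _connectionString;
    }
}
```

Hold one instance in a static field of the handler class so the cache survives between invocations, and grant the function's execution role `secretsmanager:GetSecretValue` on that one secret only.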