When packaging/deploying my function, we use secrets in AWS Secrets Manager. This is fine when deployed but attempting to debug it locally with serverless offline is throwing errors.
serverless.yml
app: rest-api
service: scripts
provider:
name: aws
runtime: nodejs16.x
stage: ${opt:stage, 'preview'}
region: eu-west-1
logRetentionInDays: 7
environment:
STAGE: ${self:provider.stage}
NODE_ENV: sandbox
MONGO_SANDBOX_URL: ${self:custom.secrets.MONGO_SANDBOX_URL}
tags:
project: rest_api
model: scripts
framework: serverless
Name: reports-${opt:stage, 'preview'}-api
vpc: ${self:custom.secrets.vpc}
package:
patterns:
- '!data'
- '!bin'
- '!logs'
- '!scripts/**'
plugins:
- serverless-offline
- serverless-domain-manager
- serverless-dotenv-plugin
functions:
api-post:
name: scripts-post-${opt:stage, 'preview'}-api
handler: api/post.handler
memorySize: 1024
timeout: 900
description: "Bitbucket build: 1.0.${env:BITBUCKET_BUILD_NUMBER, 'dev'}"
events:
- http:
path: /
method: post
cors: true
api-get:
name: scripts-get-${opt:stage, 'preview'}-api
handler: api/get.handler
memorySize: 1024
timeout: 900
description: "Bitbucket build: 1.0.${env:BITBUCKET_BUILD_NUMBER, 'dev'}"
events:
- http:
path: /
method: get
cors: true
custom:
secrets: ${ssm:/aws/reference/secretsmanager/serverless-scripts-api-${self:provider.stage}, ''}
customDomain:
basePath: ${self:service}
domainName: ${self:custom.secrets.domain.domainName}
stage: ${self:provider.stage}
endpointType: regional
createRoute53Record: true
serverless-offline:
port: 3053
.env
MONGO_SANDBOX_URL=...
serverless offline spits out:
So it is picking up the variables from the .env correctly but how do I set them to be in custom.secrets? (also hopefully with the omission of looking for vpc & domain.domainName)
& serverless --version
If I run serverless offline --stage sandbox then it will work as it's taking the secrets from AWS but, for obvious reasons, I don't want to do that.
I have looked at many forums & documentation but nothing relating to this specific issue.
