我是使用AWS的新手,手动我可以获得我需要的秘密,但我试图使用AWS中提供的代码片段来获得秘密值,但我尝试的所有内容都返回了未定义的值,请有人告诉我我做错了什么吗?
// Load the AWS SDK
var AWS = require('aws-sdk'),
region = "REMOVED",
secretName = "REMOVED",
secret,
decodedBinarySecret;
// Create a Secrets Manager client
var client = new AWS.SecretsManager({
region: region
});
// In this sample we only handle the specific exceptions for the 'GetSecretValue' API.
// See https://docs.aws.amazon.com/secretsmanager/latest/apireference/API_GetSecretValue.html
// We rethrow the exception by default.
client.getSecretValue({SecretId: secretName}, function(err, data) {
if (err) {
if (err.code === 'DecryptionFailureException')
// Secrets Manager can't decrypt the protected secret text using the provided KMS key.
// Deal with the exception here, and/or rethrow at your discretion.
throw err;
else if (err.code === 'InternalServiceErrorException')
// An error occurred on the server side.
// Deal with the exception here, and/or rethrow at your discretion.
throw err;
else if (err.code === 'InvalidParameterException')
// You provided an invalid value for a parameter.
// Deal with the exception here, and/or rethrow at your discretion.
throw err;
else if (err.code === 'InvalidRequestException')
// You provided a parameter value that is not valid for the current state of the resource.
// Deal with the exception here, and/or rethrow at your discretion.
throw err;
else if (err.code === 'ResourceNotFoundException')
// We can't find the resource that you asked for.
// Deal with the exception here, and/or rethrow at your discretion.
throw err;
}
else {
// Decrypts secret using the associated KMS CMK.
// Depending on whether the secret is a string or binary, one of these fields will be populated.
if ('SecretString' in data) {
secret = data.SecretString;
} else {
let buff = new Buffer(data.SecretBinary, 'base64');
decodedBinarySecret = buff.toString('ascii');
}
}
// Your code goes here.
var x = client.getSecretValue("REMOVED")
请尝试这种方式
import AWS from 'aws-sdk';
const client = new AWS.SecretsManager();
export default async () => {
const secretName = `YOUR_SECRET_NAME`;
try {
console.log('Getting secrets');
let secret;
const data = await client.getSecretValue({ SecretId: secretName }).promise();
if (data.SecretString) secret = data.SecretString;
console.log('secret: ', secret);
return secret ? JSON.parse(secret) : secret
} catch (err) {
if (err.code === 'ResourceNotFoundException') {
console.log(`The requested secret ${secretName} was not found`);
} else if (err.code === 'InvalidRequestException') {
console.log(`The request was invalid due to: ${err.message}`);
} else if (err.code === 'InvalidParameterException') {
console.log(`The request had invalid params: ${err.message}`);
}
throw error;
}
};
导入这个js文件并调用函数。
此外,如果您在本地机器上运行此代码,请不要忘记配置AWS CLI。对于配置,您可以使用以下方式之一
- 在终端中使用
aws configure命令,并按照指示进行操作 - 在您的终端中运行此命令
export AWS_ACCESS_KEY_ID=YOUR_ACCESS_KEY_HERE export AWS_SECRET_ACCESS_KEY=YOUR_SECRET_KEY_HERE export AWS_REGION=YOUR_REGION_HERE