Skip to content

Commit 8341e1a

Browse files
JakeiiJakeii
committed
fastly params are secure strings
1 parent e883016 commit 8341e1a

File tree

2 files changed

+26
-27
lines changed

2 files changed

+26
-27
lines changed

ab-testing/cdk/lib/__snapshots__/dictionaryDeployLambda.test.ts.snap

Lines changed: 6 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -12,11 +12,7 @@ exports[`The ID5 Baton Lambda stack > matches the CODE snapshot 1`] = `
1212
"Type": "AWS::SSM::Parameter::Value<String>",
1313
"Default": "/account/services/dotcom-store.bucket"
1414
},
15-
"SsmParameterValueabtestingdeployCODEfastlyapitokenC96584B6F00A464EAD1953AFF4B05118Parameter": {
16-
"Type": "AWS::SSM::Parameter::Value<String>",
17-
"Default": "/ab-testing-deploy/CODE/fastly-api-token"
18-
},
19-
"SsmParameterValueabtestingdeployCODEfastlyabtestingconfigC96584B6F00A464EAD1953AFF4B05118Parameter": {
15+
"FastlyAbTestingConfigParameterParameter": {
2016
"Type": "AWS::SSM::Parameter::Value<String>",
2117
"Default": "/ab-testing-deploy/CODE/fastly-ab-testing-config"
2218
},
@@ -224,11 +220,9 @@ exports[`The ID5 Baton Lambda stack > matches the CODE snapshot 1`] = `
224220
},
225221
"Environment": {
226222
"Variables": {
227-
"FASTLY_API_TOKEN": {
228-
"Ref": "SsmParameterValueabtestingdeployCODEfastlyapitokenC96584B6F00A464EAD1953AFF4B05118Parameter"
229-
},
223+
"FASTLY_API_TOKEN": "{{resolve:ssm-secure:/ab-testing-deploy/CODE/fastly-api-token}}",
230224
"FASTLY_AB_TESTING_CONFIG": {
231-
"Ref": "SsmParameterValueabtestingdeployCODEfastlyabtestingconfigC96584B6F00A464EAD1953AFF4B05118Parameter"
225+
"Ref": "FastlyAbTestingConfigParameterParameter"
232226
},
233227
"STAGE": "CODE",
234228
"ARTIFACT_BUCKET_NAME": {
@@ -311,11 +305,7 @@ exports[`The ID5 Baton Lambda stack > matches the PROD snapshot 1`] = `
311305
"Type": "AWS::SSM::Parameter::Value<String>",
312306
"Default": "/account/services/dotcom-store.bucket"
313307
},
314-
"SsmParameterValueabtestingdeployPRODfastlyapitokenC96584B6F00A464EAD1953AFF4B05118Parameter": {
315-
"Type": "AWS::SSM::Parameter::Value<String>",
316-
"Default": "/ab-testing-deploy/PROD/fastly-api-token"
317-
},
318-
"SsmParameterValueabtestingdeployPRODfastlyabtestingconfigC96584B6F00A464EAD1953AFF4B05118Parameter": {
308+
"FastlyAbTestingConfigParameterParameter": {
319309
"Type": "AWS::SSM::Parameter::Value<String>",
320310
"Default": "/ab-testing-deploy/PROD/fastly-ab-testing-config"
321311
},
@@ -523,11 +513,9 @@ exports[`The ID5 Baton Lambda stack > matches the PROD snapshot 1`] = `
523513
},
524514
"Environment": {
525515
"Variables": {
526-
"FASTLY_API_TOKEN": {
527-
"Ref": "SsmParameterValueabtestingdeployPRODfastlyapitokenC96584B6F00A464EAD1953AFF4B05118Parameter"
528-
},
516+
"FASTLY_API_TOKEN": "{{resolve:ssm-secure:/ab-testing-deploy/PROD/fastly-api-token}}",
529517
"FASTLY_AB_TESTING_CONFIG": {
530-
"Ref": "SsmParameterValueabtestingdeployPRODfastlyabtestingconfigC96584B6F00A464EAD1953AFF4B05118Parameter"
518+
"Ref": "FastlyAbTestingConfigParameterParameter"
531519
},
532520
"STAGE": "PROD",
533521
"ARTIFACT_BUCKET_NAME": {

ab-testing/cdk/lib/dictionaryDeployLambda.ts

Lines changed: 20 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -26,6 +26,24 @@ export class DictionaryDeployLambda extends GuStack {
2626
),
2727
);
2828

29+
const fastlyApiKeyParameter =
30+
StringParameter.fromSecureStringParameterAttributes(
31+
this,
32+
"FastlyApiKeyParameter",
33+
{
34+
parameterName: `/${app}/${this.stage}/fastly-api-token`,
35+
},
36+
);
37+
38+
const fastlyConfigParameter =
39+
StringParameter.fromStringParameterAttributes(
40+
this,
41+
"FastlyAbTestingConfigParameter",
42+
{
43+
parameterName: `/${app}/${this.stage}/fastly-ab-testing-config`,
44+
},
45+
);
46+
2947
const lambda = new GuLambdaFunction(this, "ID5BatonLambda", {
3048
functionName: `${app}-${this.stage}`,
3149
fileName: "lambda.zip",
@@ -34,15 +52,8 @@ export class DictionaryDeployLambda extends GuStack {
3452
runtime: Runtime.NODEJS_22_X,
3553
memorySize: 256,
3654
environment: {
37-
FASTLY_API_TOKEN: StringParameter.valueForStringParameter(
38-
this,
39-
`/${app}/${this.stage}/fastly-api-token`,
40-
),
41-
FASTLY_AB_TESTING_CONFIG:
42-
StringParameter.valueForStringParameter(
43-
this,
44-
`/${app}/${this.stage}/fastly-ab-testing-config`,
45-
),
55+
FASTLY_API_TOKEN: fastlyApiKeyParameter.stringValue,
56+
FASTLY_AB_TESTING_CONFIG: fastlyConfigParameter.stringValue,
4657
STAGE: this.stage,
4758
ARTIFACT_BUCKET_NAME: s3Bucket.bucketName,
4859
},

0 commit comments

Comments
 (0)