✅ - "Access secrets" documentation assumes lambda has `secretsmanager:GetSecretValue` permissions | AWS Amplify | Page 1

crystal kernel Mar 28, 2025, 8:42 PM

#

"Access secrets" documentation assumes lambda has secretsmanager:GetSecretValue permissions rather then telling us how to actually set this programmatically in the code. so ... how do we set this, programattically, in the code?

SPECIFICALLY in the auth/post-confirmation hook, if this was in a normal backend function it would be a no brainer but i can't find ANYTHING that shows us how to do it for auth functions.

crystal kernel Mar 29, 2025, 4:57 PM

#

i went this route which works better (in post-confirmation resource file):

import { defineFunction, secret } from "@aws-amplify/backend";

export const postConfirmation = defineFunction({
  name: "post-confirmation",
  environment: {
    GROUP_NAME: "USERS",
    STRIPE_SECRET_KEY: secret("STRIPE_SECRET_KEY"),
  },
  timeoutSeconds: 15,
});

and then the env.STRIPE_SECRET_KEY is available to me in the handler.ts...

#

@real forum , please mark this as resolved/answered for anyone else trying to do something similar?

quartz sphinxBOT Mar 31, 2025, 5:31 PM

#

✅ - "Access secrets" documentation assumes lambda has secretsmanager:GetSecretValue permissions

#✅ - "Access secrets" documentation assumes lambda has `secretsmanager:GetSecretValue` permissions