API Reference
    Preparing search index...

    Function getSecret

    • The Parameters utility provides a SecretsProvider that allows to retrieve secrets from AWS Secrets Manager.

      This utility supports AWS SDK v3 for JavaScript only. This allows the utility to be modular, and you to install only the SDK packages you need and keep your bundle size small.

      Basic usage

      Type Parameters

      Parameters

      • name: string

        The name of the secret to retrieve

      • Optionaloptions: NonNullable<(InferredFromOptionsType & SecretsGetOptions)>

        Optional options to configure the provider

        • maxAge

          Optional maximum age of the value in the cache, in seconds (default: 5)

        • forceFetch

          Optional flag to always fetch a new value from the store regardless if already available in cache (default: false)

        • transform

          Optional transform to be applied, can be json or binary

        • sdkOptions

          Optional additional options to pass to the AWS SDK v3 client, supports all options from GetSecretValueCommandInput | GetSecretValueCommandInput except SecretId

      Returns Promise<
          | SecretsGetOutput<ExplicitUserProvidedType, InferredFromOptionsType>
          | undefined,
      >

      import { getSecret } from '@aws-lambda-powertools/parameters/secrets';

      export const handler = async (): Promise<void> => {
        // Retrieve a secret
        const secret = await getSecret('my-secret');
      };

      Caching

      By default, the provider will cache parameters retrieved in-memory for 5 seconds. You can adjust how long values should be kept in cache by using the maxAge parameter.

      import { getSecret } from '@aws-lambda-powertools/parameters/secrets';

      export const handler = async (): Promise<void> => {
        // Retrieve a secret and cache it for 10 seconds
        const secret = await getSecret('my-secret', { maxAge: 10 });
      };

      If instead you'd like to always ensure you fetch the latest parameter from the store regardless if already available in cache, use the forceFetch parameter.

      import { getSecret } from '@aws-lambda-powertools/parameters/secrets';

      export const handler = async (): Promise<void> => {
        // Retrieve a secret and always fetch the latest value
        const secret = await getSecret('my-secret', { forceFetch: true });
      };

      Transformations

      For parameters stored as JSON or base64-encoded strings, you can use the transform argument set to json or binary for deserialization.

      import { getSecret } from '@aws-lambda-powertools/parameters/secrets';

      export const handler = async (): Promise<void> => {
        // Retrieve a secret and parse it as JSON
        const secret = await getSecret('my-secret', { transform: 'json' });
      };

      Extra SDK options

      When retrieving a secret, you can pass extra options to the AWS SDK v3 for JavaScript client by using the sdkOptions parameter.

      import { getSecret } from '@aws-lambda-powertools/parameters/secrets';

      export const handler = async (): Promise<void> => {
        // Retrieve a secret and pass extra options to the AWS SDK v3 for JavaScript client
        const secret = await getSecret('my-secret', {
          sdkOptions: {
            VersionId: 1,
          },
        });
      };

      This object accepts the same options as the AWS SDK v3 for JavaScript Secrets Manager client.

      Built-in provider class

      For greater flexibility such as configuring the underlying SDK client used by built-in providers, you can use the SecretsProvider class.

      https://docs.aws.amazon.com/powertools/typescript/latest/features/parameters/

    Settings

    Member Visibility