Morgatz (10) [Avatar] Offline
#1
I noticed in the logging lecture that the token is being stored in plain-text in the serverless.yml. However, it would be nice to see a tutorial on using KMS, Parameter Store, and Serverless Framework. I haven't found any good tutorial out there that walks through this process, and I think for something to be production ready the secret keys should be stored safely somewhere other than a file being committed to your repo
Yan Cui (61) [Avatar] Offline
#2
We'll address that in the config management section of the course. For now you can have a look at this post on how to load config from parameter stores when a function cold starts. The middy engine also has a ssm middleware that can do that for you too, which we'll look at in the config management section, along with AWS's new secret manager service, which also supports secret rotation too.