DEVHIDE
Login Or Sign up

Best way to store AWS IoT credentials on a serverless node instance?

185 Views Asked by At

My existing locally hosted server loads its iot identity + credentials like so:

function initIot() {
  var device = awsIot.device({
     keyPath: './iot_credentials/ident-private.pem.key',
    certPath: './iot_credentials/ident-certificate.pem.crt',
      caPath: './iot_credentials/rootca.pem',
    clientId: 'iot-server-1',
        host: endpoint
  });

..and I don't commit the private key & cert anywhere. It lives securely on the server disk.

How would I securely migrate this to serverless cloud9 setup running on codestar? Assuming I trust my AWS team, can I just store it in the project's files?

node.js aws-iot cloud9 serverless aws-codestar
Original Q&A
2

There are 2 best solutions below

0
On

As long as those files are properly restricted from public access, I think that's fine.

0
On

Keep out the sensitive data from code regardless of the IDE. There are few options you can consider.

  • You can use a environmental variable in Lambda to store the file content.
  • Sore it in S3 private bucket with restricted access and retrieve it in code.
  • Use DevOps to append the config at CI/CD pipeline.
  • You can also use AWS KMS to store the sensitive data.

Related Questions in NODE.JS

Related Questions in AWS-IOT

Related Questions in CLOUD9

Related Questions in SERVERLESS

Related Questions in AWS-CODESTAR

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.