Lambda Environment Variable Encryptor

Lambda Function to encrypt secret environment variables of Lambda Functions.

This Function is integrated with CodePipeline to encrypt secret values after target Lambda Functions are successfully deployed.

Please see this for more details on how to integrate Lambda Functions in CodePipeline, http://docs.aws.amazon.com/codepipeline/latest/userguide/how-to-lambda-integration.html#how-to-lambda-integration-add-action

How To Setup a CodePipeline

Input Parameter Values

• CloudformationLambdaExecutionRoleArn:

  Enter ARN of IAM Role for Cloudformation to create changesets and target stack. If you already created one or more CodePipeline that uses Cloudformation, this role should have been created already, so you can use the same role, 'cloudformation-lambda-execution-role'. If not, please create a role with the same name with Trust Relationships and Policy Document defined here.

• CodePipelineServiceRoleArn:

  Enter ARN of IAM Role for CodePipeline to be executed. If you already created one or more CodePipeline, this role should have been created already, so you can use the same role, 'AWS-CodePipeline-Service'. If not, please create a role with the same name with Trust Relationships and Policy Document defined here.

• CustomAuthorizerIAMRoleName:

• CustomAuthorizerLambdaName:

• EncryptionLambdaName:

• GitHubPersonalAccessToken:

  Access Token for CodeBuild to access to the this Github repository. (See here to find how to generate the access token).

• GitHubSourceRepositoryBranch: master

• GitHubSourceRepositoryName: aws-services-encryption

• GitHubSourceRepositoryOwner: SungardAS

• ParameterOverrides:

• ProjectImage: aws/codebuild/python:2.7.12

How To Test Lambda Functions

• $ cd tests
• $ python test.py

This project is maintained by the Labs group at Sungard Availability Services

GitHub: https://sungardas.github.io

Blog: http://blog.sungardas.com/CTOLabs/