plat-1798 - set env vars for AWS creds from cached credentials in invoke local

this allows for use of credentials provided by a deploy profile in the serverless dashboard
2026-01-18 14:58:43 +00:00 · 2019-11-07 12:35:46 -05:00 · 2019-11-07 12:35:46 -05:00 · ae36c256c0
commit ae36c256c0
parent 801539ab2c
2 changed files with 21 additions and 1 deletions
--- a/lib/plugins/aws/invokeLocal/index.js
+++ b/lib/plugins/aws/invokeLocal/index.js
@ -128,6 +128,14 @@ class AwsInvokeLocal {
      NODE_PATH: '/var/runtime:/var/task:/var/runtime/node_modules',
    };

+    const credentialEnvVars = this.provider.cachedCredentials
+      ? {
+          AWS_ACCESS_KEY_ID: this.provider.cachedCredentials.accessKeyId,
+          AWS_SECRET_ACCESS_KEY: this.provider.cachedCredentials.secretAccessKey,
+          AWS_SESSION_TOKEN: this.provider.cachedCredentials.sessionToken,
+        }
+      : {};
+
    // profile override from config
    const profileOverride = this.provider.getProfile();
    if (profileOverride) {
@ -136,7 +144,7 @@ class AwsInvokeLocal {

    const configuredEnvVars = this.getConfiguredEnvVars();

-    _.merge(process.env, lambdaDefaultEnvVars, configuredEnvVars);
+    _.merge(process.env, lambdaDefaultEnvVars, credentialEnvVars, configuredEnvVars);

    return BbPromise.resolve();
  }
--- a/lib/plugins/aws/invokeLocal/index.test.js
+++ b/lib/plugins/aws/invokeLocal/index.test.js
@ -327,6 +327,18 @@ describe('AwsInvokeLocal', () => {
        expect(process.env.NODE_PATH).to.equal('/var/runtime:/var/task:/var/runtime/node_modules');
      }));

+    it('it should set credential env vars', () => {
+      provider.cachedCredentials.accessKeyId = 'ID';
+      provider.cachedCredentials.secretAccessKey = 'SECRET';
+      provider.cachedCredentials.sessionToken = 'TOKEN';
+
+      return awsInvokeLocal.loadEnvVars().then(() => {
+        expect(process.env.AWS_ACCESS_KEY_ID).to.equal('ID');
+        expect(process.env.AWS_SECRET_ACCESS_KEY).to.equal('SECRET');
+        expect(process.env.AWS_SESSION_TOKEN).to.equal('TOKEN');
+      });
+    });
+
    it('should fallback to service provider configuration when options are not available', () => {
      awsInvokeLocal.provider.options.region = null;
      awsInvokeLocal.serverless.service.provider.region = 'us-west-1';