From ae36c256c0cdcfe5e0732dd6f502f9d05e109366 Mon Sep 17 00:00:00 2001 From: Daniel Schep Date: Thu, 7 Nov 2019 12:35:46 -0500 Subject: [PATCH] plat-1798 - set env vars for AWS creds from cached credentials in invoke local this allows for use of credentials provided by a deploy profile in the serverless dashboard --- lib/plugins/aws/invokeLocal/index.js | 10 +++++++++- lib/plugins/aws/invokeLocal/index.test.js | 12 ++++++++++++ 2 files changed, 21 insertions(+), 1 deletion(-) diff --git a/lib/plugins/aws/invokeLocal/index.js b/lib/plugins/aws/invokeLocal/index.js index 584ca4c3f..6c6627585 100644 --- a/lib/plugins/aws/invokeLocal/index.js +++ b/lib/plugins/aws/invokeLocal/index.js @@ -128,6 +128,14 @@ class AwsInvokeLocal { NODE_PATH: '/var/runtime:/var/task:/var/runtime/node_modules', }; + const credentialEnvVars = this.provider.cachedCredentials + ? { + AWS_ACCESS_KEY_ID: this.provider.cachedCredentials.accessKeyId, + AWS_SECRET_ACCESS_KEY: this.provider.cachedCredentials.secretAccessKey, + AWS_SESSION_TOKEN: this.provider.cachedCredentials.sessionToken, + } + : {}; + // profile override from config const profileOverride = this.provider.getProfile(); if (profileOverride) { @@ -136,7 +144,7 @@ class AwsInvokeLocal { const configuredEnvVars = this.getConfiguredEnvVars(); - _.merge(process.env, lambdaDefaultEnvVars, configuredEnvVars); + _.merge(process.env, lambdaDefaultEnvVars, credentialEnvVars, configuredEnvVars); return BbPromise.resolve(); } diff --git a/lib/plugins/aws/invokeLocal/index.test.js b/lib/plugins/aws/invokeLocal/index.test.js index bd69acf62..c227d3040 100644 --- a/lib/plugins/aws/invokeLocal/index.test.js +++ b/lib/plugins/aws/invokeLocal/index.test.js @@ -327,6 +327,18 @@ describe('AwsInvokeLocal', () => { expect(process.env.NODE_PATH).to.equal('/var/runtime:/var/task:/var/runtime/node_modules'); })); + it('it should set credential env vars', () => { + provider.cachedCredentials.accessKeyId = 'ID'; + provider.cachedCredentials.secretAccessKey = 'SECRET'; + provider.cachedCredentials.sessionToken = 'TOKEN'; + + return awsInvokeLocal.loadEnvVars().then(() => { + expect(process.env.AWS_ACCESS_KEY_ID).to.equal('ID'); + expect(process.env.AWS_SECRET_ACCESS_KEY).to.equal('SECRET'); + expect(process.env.AWS_SESSION_TOKEN).to.equal('TOKEN'); + }); + }); + it('should fallback to service provider configuration when options are not available', () => { awsInvokeLocal.provider.options.region = null; awsInvokeLocal.serverless.service.provider.region = 'us-west-1';