New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
Socket
Book a DemoSign in
Socket
Book a DemoSign in

@dvsa/secrets-manager

Package Overview
Dependencies
Maintainers
21
Versions
5
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@dvsa/secrets-manager

A utility class for accessing secrets stored with AWS Secrets Manager. Provides overrides from ENV variables.

latest
Source
npmnpm
Version
1.2.1
Version published
Maintainers
21
Created
Source

Secrets Manager

A utility class for accessing secrets stored with AWS Secrets Manager.

Provides ability to override keys by implementing them as ENVIRONMENT variables.

Configuration

Accessing the AWS Secrets Manager requires these environment variables:

AWS_REGION

The AWS region, normally this is supplied by default within AWS resources.

This is used by the AWS Secrets Manager Client.

Example

eu-west-1

Using the utility class

The class SecretsManager provides two methods:

getSecret(secretName)

async getSecret(secretName: string): Promise<Record<string, string>> {}

This method will return a KEY, VALUE pairs as an object of all secrets stored in the AWS Secrets Manager store specified by secretName. This store contains KEY, VALUE pairs.

getSecretWithKey(secretName, key)

async getSecretWithKey(secretName: string, key: string): Promise<string> {}

This method will call the previous, and extract (if defined) the key-value from the secret store.

Overriding key values

Should you need to override the value from key you can specify the key as an environment variable. A call will not be made to AWS Secrets Manager. This makes it useful for local development environments.

Example
console.log(process.env.MY_KEY_NAME); //MySecret

const secret = getSecretWithKey('mySecretName', 'MY_KEY_NAME');

console.log(secret); // MySecret

Requirements

  • node v14.17.3
  • npm 7 or above
  • SAM CLI

Build

  • npm i
  • npm run build:dev

Tests

  • The Jest framework is used to run tests and collect code coverage
  • To run the tests, run the following command within the root directory of the project: npm test
  • Coverage results will be displayed on terminal and stored in the coverage directory
    • The coverage requirements can be set in jest.config.js

Logging

This library uses https://github.com/debug-js/debug to provide an opt-in logging experience.

To enable logging from this package, set the DEBUG environment variable to @dvsa/secrets-manager. For example, to run your tests with the library in debug logging mode:

DEBUG=@dvsa/secrets-manager npm run test

FAQs

Package last updated on 10 Jun 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Security News

Attackers Are Hunting High-Impact Node.js Maintainers in a Coordinated Social Engineering Campaign

Multiple high-impact npm maintainers confirm they have been targeted in the same social engineering campaign that compromised Axios.

By Sarah Gooding  -  Apr 03, 2026