cerberus-node-client
Advanced tools
This is a node client for interacting with a Cerberus backend. It can be used in any environment that has AWS credentials available.
To learn more about Cerberus, please visit the Cerberus website.
This library is compatible with node 12.x +, for previous versions of Node use the 1.x versions of the client
npm install --save cerberus-node-client
See the CerberusClient class on the the docs site
The cerberus client uses the AWS SDK Credentials provider chain to load AWS IAM credentials and authenticates with Cerberus via the sts auth endpoint This client will work in any environment that has access to AWS Credentials.
Cerberus will attempt to authenticate one its first call. The authentication result will be stored and reused. If the token has expired on a subsequent call, authentication will be repeated with the original configuration. You should not have to worry about authentication or token expiration; just use the client.
First, make sure the following environment variables are set before running the Node Client integration tests:
export CERBERUS_HOST="https://example.cerberus.com"
export TEST_REGION="us-west-2"
export TEST_SDB="my-sdb"
export TEST_SDB_CATEGORY="app"
Ensure the TEST_SDB and TEST_SDB_CATEGORY variables match up with the path to your test sdb (i.e. app/my-sdb/test-path)
Then make sure AWS credentials have been obtained. One method is by running gimme-aws-creds:
gimme-aws-creds
Next, in the project directory run:
npm run style && npm run test:unit:local && npm run test:integration
If applicable, we recommend running the Node Client integration tests in both AWS Global and AWS China using the corresponding hosts, regions, and AWS credentials.
While this client supports any env with IAM credentials, generally it does NOT make sense to store Lambda secrets in Cerberus for two reasons:
A better solution for Lambda secrets is using the encrypted environmental variables feature provided by AWS.
Another option is to store Lambda secrets in Cerberus but only read them at Lambda deploy time, then storing them as encrypted environmental variables, to avoid the extra Cerberus runtime latency.
Cerberus Management Service is released under the Apache License, Version 2.0
[coverage img]
[4.0.0] - 2022-11-09
FAQs
Node client for Cerberus Key Mgmt
The npm package cerberus-node-client receives a total of 1,596 weekly downloads. As such, cerberus-node-client popularity was classified as popular.
We found that cerberus-node-client demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
CISOs are racing to adopt AI for cybersecurity, but hurdles in budgets and governance may leave some falling behind in the fight against cyber threats.
Research
Security News
Socket researchers uncovered a backdoored typosquat of BoltDB in the Go ecosystem, exploiting Go Module Proxy caching to persist undetected for years.
Security News
Company News
Socket is joining TC54 to help develop standards for software supply chain security, contributing to the evolution of SBOMs, CycloneDX, and Package URL specifications.