3 years ago

Category: Data, Hashicorp

We are excited to announce the public preview of a HashiCorp Vault AWS Lambda extension, utilizing the newly announced AWS Lambda Extensions API (also in public preview) to securely retrieve secrets from HashiCorp Vault. Practitioners that have standardized on HashiCorp Vault for secrets management and AWS Lambda as their serverless compute environment no longer have to make their Lambda functions Vault aware.

"Hundreds of thousands of customers use AWS Lambda to run their applications - all they need to do is supply the code,” says Dhruv Sood, Sr. Product Manager, AWS Lambda, Amazon Web Services, Inc. "The HashiCorp Vault extension for AWS Lambda makes it easy for operators to manage their secrets and make them available for developers to use within their application code.”AWS Lambda functions often connect to many services to transform and move data between them.

The extension can retrieve multiple secrets from Vault, if configured to do so, and writes the full JSON response from HashiCorp Vault to the configured destination.Before a Lambda function is invoked, extensions are initialized and given the opportunity to perform tasks before signaling their readiness. The Vault extension uses user-defined environment variables and the Lambda execution role to authenticate with a Vault cluster and retrieve secrets before the Lambda function executes.