0
My current connection file is this:
const mongoose = require('mongoose')
mongoose.connect('connect string url', { useNewUrlParser: true })
mongoose.Promise = global.Promise
module.exports = mongoose
And it works properly to read data, but to delete it is necessary to authenticate with some user who has such privileges.
However, I would not like my login and password to be exposed in the code, so I am looking for some way to connect with my user without having to expose the password.
How to do this on Mongodb? I am using lib Mongoosis.
For this case you can use environment variables to leave this setting out of code.
– gmsantos
Finally, I created a new user limited only to read and write in the database. Since I am using serverless, environment variable would be in serverless.yml in the same way.. There must be some other safer way inside the AWS, but for now I’ll leave it at that. If there was a token for Mongo, it would be better, but anyway..
– Gleidson Henrique
the variable value does not need to be in serveless.yml, it can be set directly in the AWS panel.
– gmsantos
https://docs.aws.amazon.com/lambda/latest/dg/env_variables.html
– gmsantos
But then I think it will hurt the CI/CD part, since the idea is to be automated and not need manual configuration. Not unless the key gets into gitlab and a script changes the lambda function after deploy, but I’m still finding a lot of service unnecessary. But be it with a token or login/password, the damage that someone would do would be the same, so since it is a user part and not the admin user of the account, for now it is better than nothing. Anyway, if I think ahead an automated and easy way, I come back here to talk. I thank you for all your help friend! =]
– Gleidson Henrique
@gmsantos today understand exactly how to do, and yes to put in serverless.yml, and use the serverless-dotenv-plugin to manage the sending of which environment variables will be sent the function. It is also possible to use serverless pro for this, but it creates another additional function to manage some features related to Cloudformation and I didn’t like it so I preferred to use the plugin. Anyway, just coming back here giving a feedback on how I got it. Thank you very much for the help at the time, a pity I didn’t understand very well. =]
– Gleidson Henrique
Good! Can you post your solution as an answer? So you help someone who has at least a problem and see your question here :)
– gmsantos