Secrets
Vonage Cloud Runtime Secrets allow you to store sensitive information for use in your projects, such as API keys for third-party services. Secrets are managed through the Vonage Cloud Runtime CLI.
Creating a Secret
To create a secret, you can use the Vonage Cloud Runtime CLI secrets create command.
So to create a secret FOO with the value bar:
You can also add files as secrets:
Accessing your Secrets
To access a secret in your instance, you need to add it to your configuration file to expose it. Add a environment key to your configuration file with a list of the secrets you want to expose and a name to refer to them by:
project:
name: app
instance:
name: dev
runtime: nodejs18
region: aws.euw1
application-id: fcd08ece-f3c2-4adf-bf84-5ba8a1c86e0e
capabilities: [voice, messages-v1]
entrypoint: [node, index.js]
environment:
- name: FOO_SECRET
secret: FOO
- name: BAZ_SECRET
secret: BAZ
Now that the secret is in your configuration file, they will be injected into your instance when you run the Vonage Cloud Runtime debugger or deploy your project. So to use the example of FOO in your application you would write:
const fooValue = process.env.FOO_SECRET;
Updating Secrets
Updating secrets works similarly to creating secrets, but to update you use vcr secrets update:
To update the FOO example:
Removing Secrets
Secrets can be removed using vcr secrets remove:
To remove the FOO example:
Working with Secrets Locally
When you are debugging your project locally, you will not have access to the secrets stored on the Vonage Cloud Runtime platform. It is recommended that you create a .env file in your project directory and add your development secrets there:
export FOO=BAR
export BAZ=BAT
export X=Y
Then before you start debugging run:
source .env
The environment variables need to be set in the same shell process that you are running the Vonage Cloud Runtime debugger in.
This will export the development secrets in your current terminal shell process, allowing the debugger to access them.