AWS Lambda Mysql连接池密码加密

时间:2019-10-08 17:59:47

标签: mysql amazon-web-services aws-lambda amazon-rds connection-pooling

我建立了一个无服务器环境,我正在尝试使用mysql连接池调用MySQL数据库。当mysql密码未加密存储在环境变量中时,一切工作都很好。但是,当我加密环境变量,然后尝试使用基于Promise的函数对其解密时,连接池将不再起作用。我将连接池移到了可以处理我的查询并且可以正常工作的promise函数中,但是它还会为每个查询创建一个新的连接池,因此效果不佳。

var express = require('express')
var bodyParser = require('body-parser')
var awsServerlessExpressMiddleware = require('aws-serverless-express/middleware')
var AWS = require("aws-sdk");
var mysql = require('mysql');

// declare a new express app
var app = express()
app.use(bodyParser.json())
app.use(awsServerlessExpressMiddleware.eventContext())

// Enable CORS for all methods
app.use(function(req, res, next) {
  res.header("Access-Control-Allow-Origin", "*")
  res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept")
  next()
});

const kms = new AWS.KMS();
// let decrypted;

function decryptEnvVar(val){
  const p = new Promise((res,reject)=>{
kms.decrypt({ CiphertextBlob: Buffer(val, 'base64') }, (err, data) => {
    if (err) {
                console.log('Decrypt error:', err);
                reject(err);
            }
            var decrypted = data.Plaintext.toString('ascii');

            res(decrypted);
        });
        });
        return p;
// })
}


var pool;
decryptEnvVar('process.env.RDS_PASSWORD').then(decrypt=>{
    pool = mysql.createPool({
                host     : process.env.RDS_TEST_HOSTNAME,
                password : decrypt,
                password: process.env.RDS_TEST_PASSWORD,
                port     : process.env.RDS_PORT,
                database: process.env.RDS_DATABASE
            });
})


function sqlReq(sql){

    const p = new Promise((res,reject)=>{

      pool.getConnection(function(err, connection) {
        console.log('connection');
        if (err){
          console.log(err);
          reject(err); // not connected!
        }
        // Use the connection
        connection.query(sql, function (error, results, fields) {
          // When done with the connection, release it.
          connection.release();

          // Handle error after the release.
          if (error){
             reject(error);
          } 

          // Don't use the connection here, it has been returned to the pool.
          res(results);
        });
      });
      // });

    }).catch(err => {
      return err;
    });
    return p;
}

app.get('/api/some_endpoint', function(req, res){
  var sql = "Some SQL statement";
    sqlReq(sql).then(resp=>{
        res.json({'resp': resp});
  }).catch(err=>{
    res.json({err});
  });
});

This results in no data being passed back to my app.

0 个答案:

没有答案
相关问题
最新问题