AWS Lambda Go Handler

aws-lambda-handler.go

package main

import (
	"context"
	"encoding/json"
	"fmt"
	"log"
	"time"

	"github.com/aws/aws-lambda-go/lambda"
	"github.com/go-viper/mapstructure/v2"

	vault "github.com/hashicorp/vault/api"
)

type Secrets struct {
	Hello string `mapstructure:"hello"`
	Foo   string `mapstructure:"foo"`
	Fizz  string `mapstructure:"fizz"`
	Ping  string `mapstructure:"ping"`
}

var vaultClient *vault.Client

func init() {
	var err error
	vaultClient, err = vault.NewClient(vault.DefaultConfig())
	if err != nil {
		log.Fatal("Failed to create Vault client: " + err.Error())
	}
}

func getSecrets(mount, path string) (*Secrets, error) {
	ctx, cancel := context.WithTimeout(context.Background(), 3*time.Second)
	defer cancel()

	resp, err := vaultClient.KVv2(mount).Get(ctx, path)
	if err != nil {
		return nil, err
	}

	s := &Secrets{}
	err = mapstructure.Decode(resp.Data, s)
	if err != nil {
		return nil, err
	}

	return s, nil
}

func handler(ctx context.Context, event json.RawMessage) error {
	secrets, err := getSecrets("kv", "path/to/secret")
	if err != nil {
		return fmt.Errorf("Failed to fetch secrets from vault: %w", err)
	}

	// do something with secrets

	return nil
}

func main() {
	lambda.Start(handler)
}