How do I store a private key the right way for aws lambda


I have a private key for test and another for production. How should I store it correctly If I would prefer it wastnt a part of my source code. Id like it, if I could upload it to aws and just have my lambda function fetch it after it got uploaded.

Im considering to put it in an s3 folder and load it from there. But just wanted to hear if aws has made another way to do it.


There are several ways.

Do you think about AWS Systems Manager Parameter Store?

With that, you can assign different IAM permissions (different dev/prod kms keys) and use securestring to save the password in ssm

1 Like

Have a look at what I did in this post.

I generated the keys on AWS and then stored then in SSM.

1 Like