Secret Providers
Available Secret Providers
When we set up the LunaDefend Node SDK, we pass a private key that LunaDefend uses to establish trust with your app. LunaDefend provides a few different ways to set it:
Manual
Provide a '<signing key>'
as a KeyLike
value.
import { createPrivateKey } from 'crypto';
export const lunaSec = new LunaSec({
auth: {
secrets: {
provider: 'manual',
signingKey: createPrivateKey('PRIVATEKEY123ABC')
},
}
});
Environment Variable
Set the environment variable LUNASEC_SIGNING_KEY
which will be detected by LunaDefend at runtime.
export const lunaSec = new LunaSec({
auth: {
secrets: {
provider: 'environment'
},
}
});
AWS Secrets Manager
Store the signing key in Aws Secrets Manager and provide the ARN to LunaDefend.
export const lunaSec = new LunaSec({
auth: {
secrets: {
provider: 'awsSecretsManager',
secretArn: '<secret arn>'
},
}
});