Secret Providers

Available Secret Providers

When we set up the LunaDefend Node SDK, we pass a private key that LunaDefend uses to establish trust with your app. LunaDefend provides a few different ways to set it:

Manual

Provide a '<signing key>' as a KeyLike value.

import { createPrivateKey } from 'crypto';

export const lunaSec = new LunaSec({
  auth: {
    secrets: {
      provider: 'manual',
      signingKey: createPrivateKey('PRIVATEKEY123ABC')
    },
  }
});

Environment Variable

Set the environment variable LUNASEC_SIGNING_KEY which will be detected by LunaDefend at runtime.

export const lunaSec = new LunaSec({
  auth: {
    secrets: {
      provider: 'environment'
    },
  }
});

AWS Secrets Manager

Store the signing key in Aws Secrets Manager and provide the ARN to LunaDefend.

export const lunaSec = new LunaSec({
  auth: {
    secrets: {
      provider: 'awsSecretsManager',
      secretArn: '<secret arn>'
    },
  }
});

Available Secret Providers​

Manual​

Environment Variable​

AWS Secrets Manager​

Available Secret Providers

Manual

Environment Variable

AWS Secrets Manager