npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@appinventiv/aws-secret-manager

v1.0.1

Published

AWS Secrets Manager client package for Node.js applications. Provides an easy-to-use interface for retrieving secrets from AWS Secrets Manager.

Downloads

226

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

developer-atdeveloper-atabhishek.tyagi1abhishek.tyagi1

Keywords

Readme

@developer-at/aws-secret-manager

AWS Secrets Manager client package for Node.js applications. Provides an easy-to-use interface for retrieving secrets from AWS Secrets Manager.

Installation

npm install @developer-at/aws-secret-manager

Features

  • Simple API for loading and retrieving secrets
  • Automatic AWS SDK client initialization
  • TypeScript support
  • Error handling

Prerequisites

  • AWS account with Secrets Manager access
  • AWS credentials configured (via environment variables, IAM role, or AWS credentials file)
  • AWS_REGION environment variable set

AWS Setup

  1. Create a secret in AWS Secrets Manager
  2. Ensure your AWS credentials have permissions to access Secrets Manager
  3. Set the AWS_REGION environment variable

Required IAM Permissions

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "secretsmanager:GetSecretValue",
        "secretsmanager:DescribeSecret"
      ],
      "Resource": "arn:aws:secretsmanager:*:*:secret:*"
    }
  ]
}

Usage

Basic Setup

import { secret } from '@developer-at/aws-secret-manager';

// Set AWS region (required)
process.env.AWS_REGION = 'us-east-1';

// Load secrets from AWS Secrets Manager
await secret.loadCreds('my-secret-name');

// Retrieve a secret value
const dbPassword = secret.get('dbPassword');
const apiKey = secret.get('apiKey');

console.log('Database Password:', dbPassword);
console.log('API Key:', apiKey);

Complete Example

import { secret } from '@developer-at/aws-secret-manager';

async function initializeApp() {
  try {
    // Load secrets from AWS
    await secret.loadCreds('my-application-secrets');
    
    // Retrieve configuration values
    const config = {
      database: {
        host: secret.get('DB_HOST'),
        port: secret.get('DB_PORT'),
        username: secret.get('DB_USERNAME'),
        password: secret.get('DB_PASSWORD'),
        name: secret.get('DB_NAME')
      },
      api: {
        key: secret.get('API_KEY'),
        secret: secret.get('API_SECRET')
      },
      jwt: {
        secret: secret.get('JWT_SECRET')
      }
    };
    
    // Use configuration
    console.log('Application configured successfully');
    return config;
    
  } catch (error) {
    console.error('Failed to load secrets:', error);
    throw error;
  }
}

// Initialize on application startup
initializeApp()
  .then(() => {
    console.log('App started');
  })
  .catch((error) => {
    console.error('Failed to start app:', error);
    process.exit(1);
  });

Express.js Integration Example

import express from 'express';
import { secret } from '@developer-at/aws-secret-manager';

const app = express();

// Load secrets on startup
async function loadSecrets() {
  try {
    await secret.loadCreds(process.env.SECRET_NAME || 'my-app-secrets');
    
    // Access secrets throughout the application
    const jwtSecret = secret.get('JWT_SECRET');
    const dbConfig = {
      host: secret.get('DB_HOST'),
      password: secret.get('DB_PASSWORD')
    };
    
    console.log('Secrets loaded successfully');
  } catch (error) {
    console.error('Failed to load secrets:', error);
    process.exit(1);
  }
}

// Initialize before starting server
loadSecrets().then(() => {
  app.listen(3000, () => {
    console.log('Server started on port 3000');
  });
});

Using AWSSecretManagerProvider Class Directly

import { AWSSecretManagerProvider } from '@developer-at/aws-secret-manager';

// Create a custom instance
const customSecret = new AWSSecretManagerProvider();

// Load and use secrets
await customSecret.loadCreds('my-custom-secret');
const value = customSecret.get('myKey');

API Reference

secret (Singleton Instance)

Pre-configured secret manager instance ready to use.

AWSSecretManagerProvider Class

Main secret manager provider class.

constructor()

Initializes a new AWS Secrets Manager provider instance. Automatically initializes the AWS SDK client.

initializeSecretManager()

Initializes the AWS Secrets Manager client. Called automatically in the constructor.

loadCreds(secretName: string)

Loads secrets from AWS Secrets Manager.

Parameters:

  • secretName (string): Name or ARN of the secret in AWS Secrets Manager

Returns:

  • Promise<void>

Throws:

  • Error if secret cannot be loaded or parsed

Example:

await secret.loadCreds('production/database/credentials');

get(key: string)

Retrieves a secret value by key.

Parameters:

  • key (string): Key name in the secret JSON

Returns:

  • any: Secret value or undefined if key not found

Example:

const password = secret.get('password');
const config = secret.get('database');

Secret Format

Secrets in AWS Secrets Manager should be stored as JSON strings. For example:

{
  "DB_HOST": "database.example.com",
  "DB_PORT": "5432",
  "DB_USERNAME": "admin",
  "DB_PASSWORD": "secure-password",
  "API_KEY": "api-key-12345",
  "JWT_SECRET": "jwt-secret-key"
}

Environment Variables

  • AWS_REGION (required): AWS region where your secrets are stored (e.g., us-east-1)

Error Handling

The package includes structured error handling with SecretsManagerException class. All errors are automatically categorized and returned in a consistent format:

import { secret, SecretsManagerException } from '@developer-at/aws-secret-manager';

try {
    await secret.loadCreds('my-secret-name');
} catch (error) {
    if (error instanceof SecretsManagerException) {
        const errorResponse = error.getError();
        // Returns: { status: 404, data: { message, type, originalError, context, ... } }
    }
}

Error types include: Connection, Authentication, Not Found, Validation, Timeout, Server, and Operation errors.

TypeScript Support

The package includes full TypeScript definitions and is written in TypeScript.

Dependencies

  • @aws-sdk/client-secrets-manager: ^3.972.0

Security Best Practices

  1. Never commit secrets to version control
  2. Use IAM roles when running on AWS infrastructure (EC2, ECS, Lambda)
  3. Rotate secrets regularly in AWS Secrets Manager
  4. Use least privilege IAM policies for Secrets Manager access
  5. Load secrets at application startup rather than on-demand
  6. Don't log secret values in your application logs

Troubleshooting

Common Issues

  1. "Unable to Connect Error"

    • Verify AWS credentials are configured
    • Check AWS_REGION environment variable is set
    • Ensure IAM permissions are correct

  2. "Unable to Load credentials AWS Error"

    • Verify secret name/ARN is correct
    • Check secret exists in the specified region
    • Ensure IAM user/role has secretsmanager:GetSecretValue permission

  3. "undefined" when calling get()

    • Ensure loadCreds() was called successfully
    • Verify the key exists in the secret JSON
    • Check key name spelling

License

ISC