reed-carr

Reputation: 21

How do I add env variables to an aws ec2 instance?

A total beginner-level question here: I am trying to deploy my MERN full-stack app to AWS EC2 (Amazon Linux 2) as a side project for the first time. I was able to get the frontend static React files onto the EC2 instance, but I am confused as to how to proceed with the backend portion. The backend (Node.js + Express) uses a .env file for database connections and such. What would be the safest and/or conventional method to transfer the values in the .env file to the instance?

Here are the suggestions I came across and my thoughts on them. Would appreciate some guidance.

  1. Since the instance platform is Linux, I could add the variables to the .bash_profile - seems like the relatively safest and easiest option (as this is a small-scale side project app). Would the env data be immediately accessible to the backend files? Or are there other steps to take afterwards? Will the vars stay after I end the terminal session?
  2. Upload the env file along with the other backend files to the instance - does not seem safe as the env file data is in clear text format and may be easily accessible.
  3. Add the env data as 'user data' of the instance - safer than option 2, but how would I run the user data? (The AWS website mentions it does not run automatically.)
  4. Look into AWS SDKs or AWS Parameter Store

Upvotes: 2

Views: 3485

Answers (2)

Neel gorasiya

Reputation: 155

Another way could be to store your .env in a secure S3 storage bucket and add shell commands in start_server.sh for retrieving the .env from S3 and loading it with your application.

Still, I am not sure if this is the best or most secure way of doing this.

Upvotes: 0

Winson Tanputraman

Reputation: 3723

Since you are using a .env file in the existing server, option 2 (storing it as a .env file in EC2) is the direct equivalent. This is a valid and secure design, as long as the file does not contain any secret values.

If your variables do have secrets, this is another problem altogether. The "AWS way" would be SSM Parameter Store or Secrets Manager. I don't see how storing it in user data or .bash_profile makes it more secure.

Upvotes: 3
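
The Parameter Store approach mentioned in the answer above, sketched for a Node.js backend as an added example (not code from any of the posters): it reads every parameter under one path and exposes it the way a .env loader would. The path `/myapp/prod`, the parameter names and the helper function names are assumptions, and the instance is assumed to have an IAM role that allows `ssm:GetParametersByPath` (plus `kms:Decrypt` for SecureString values).

```javascript
'use strict';

// "/myapp/prod/db/password" under prefix "/myapp/prod" becomes "DB_PASSWORD".
function paramNameToEnvKey(name, prefix) {
  const base = prefix.endsWith('/') ? prefix : prefix + '/';
  if (!name.startsWith(base)) throw new Error(`${name} is outside ${prefix}`);
  const key = name.slice(base.length).replace(/[^A-Za-z0-9]+/g, '_').toUpperCase();
  if (!/^[A-Z_][A-Z0-9_]*$/.test(key)) throw new Error(`bad env key from ${name}`);
  return key;
}

// fetchPage(nextToken) resolves to { Parameters: [{ Name, Value }], NextToken }.
// Follows NextToken until the last page; values already set in env are not
// overwritten. Returns the keys it set (names only, so the result can be logged).
async function loadParamsIntoEnv(fetchPage, prefix, env = process.env) {
  const loaded = [];
  let token;
  do {
    const page = await fetchPage(token);
    for (const p of page.Parameters || []) {
      const key = paramNameToEnvKey(p.Name, prefix);
      if (env[key] === undefined) {
        env[key] = p.Value;
        loaded.push(key);
      }
    }
    token = page.NextToken;
  } while (token);
  return loaded;
}

// Real fetcher (AWS SDK for JavaScript v3). The SDK is required lazily so the
// functions above can be exercised without it installed.
function ssmFetcher(prefix, region) {
  const { SSMClient, GetParametersByPathCommand } = require('@aws-sdk/client-ssm');
  const client = new SSMClient({ region });
  return (NextToken) => client.send(new GetParametersByPathCommand({
    Path: prefix, Recursive: true, WithDecryption: true, NextToken,
  }));
}

// Constructed sample pages standing in for two SSM responses (not real values).
const SAMPLE_PAGES = {
  first: { Parameters: [{ Name: '/myapp/prod/MONGO_URI', Value: 'mongodb://example.invalid/db' }], NextToken: 't1' },
  t1: { Parameters: [{ Name: '/myapp/prod/jwt/secret', Value: 'constructed-secret' }] },
};
const sampleFetcher = async (token) => SAMPLE_PAGES[token || 'first'];
```

In the server's entry point, call `loadParamsIntoEnv(ssmFetcher('/myapp/prod', region), '/myapp/prod')` and wait for it to resolve before opening the database connection; nothing secret is then stored on the instance's disk or in its user data.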
