From 03547dcaa9e7f8d05453d2b34203813bf6319953 Mon Sep 17 00:00:00 2001 From: Chris Schneider Date: Wed, 12 Jul 2017 11:31:50 +0200 Subject: [PATCH] Updated readme --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 0647bf9..2dae66b 100644 --- a/README.md +++ b/README.md @@ -12,13 +12,13 @@ Key features: - By using KMS, access to secrets can be controlled with IAM. We recommend to create one KMS key per serverless-profile, so you can limit access to credentials to deployment privileges. - During deployment a temporary .env file is created and uploaded to Lambda by merging and decrypting values of your environment YAML files. - Environment variables can be loaded with *dotenv* at startup in Lambda without delays from KMS. -- Supports local development with *invoke local* and *serverless-local-dev-server* plugin. +- Supports *serverless-local-dev-server* for local development. Please note that the uploaded *.env* file contains secrets in cleartext. Therefore we recommend to use [Serverless Crypt](https://github.com/marcy-terui/serverless-crypt) for critical secrets. This tool aims to strike a balance between storing secrets in plaintext in Lambda environment variables and having to decrypt them at runtime using KMS. Furthermore the tool does not support environment variables generated by Serverless. We recommend to set these variables directly in each functions configuration in *serverless.yml*. -During local development variables are directly loaded into *process.env* via Serverless by overwriting the environment variables of every function. No *.env* file is created, so your local development and deployment tasks do not interfere :-) +When used with *serverless-local-dev-server* your environment variables are directly loaded into *process.env*. No *.env* file is created to make sure that your local development and deployment tasks do not interfere :-) This package requires node >= 6.0. Encryption is only supported for AWS due to the reliance on KMS.