Environment Variables & Secrets

Most background jobs require interacting with external APIs, databases, or services that require authentication. LiteLambda provides a native Secrets Manager to keep your credentials secure.

Using Environment Variables

You should never hardcode API keys, passwords, or tokens directly in your script code. Instead, use LiteLambda's Environment Variables feature.

  1. Go to the Edit page for your Cron Job.
  2. Scroll down to the Environment Variables section.
  3. Add your key-value pairs (e.g., Key: OPENAI_API_KEY, Value: sk-12345...).
  4. Click Save Changes.

Accessing Variables in Python

Once you've added your environment variables in the dashboard, they are securely injected into your script's execution container at runtime. You can access them using Python's standard os.environ module.

import os
import requests

def handler(event, context):
    # Retrieve the secret from the environment
    api_key = os.environ.get("OPENAI_API_KEY")
    
    if not api_key:
        raise ValueError("Missing OPENAI_API_KEY environment variable")

    headers = {
        "Authorization": f"Bearer {api_key}"
    }
    
    # ... use the API key ...
    
    return {"status": "success"}

Security Context

Are my environment variables secure?

  • Encrypted at Rest: Your environment variables are encrypted in the LiteLambda database.
  • Isolated Execution: Your code runs in a completely isolated, ephemeral container. There is zero risk of a "noisy neighbor" extracting your keys from environment memory.
  • Hidden Values: Once saved, the values of your environment variables are obfuscated in the dashboard UI.
Warning: Do not print secrets! Be extremely careful not to print() your API keys or include them in the return dictionary of the handler function. All stdout and return values are saved to your execution logs and are visible in your dashboard.