Environment Variables & Secrets
Most background jobs require interacting with external APIs, databases, or services that require authentication. LiteLambda provides a native Secrets Manager to keep your credentials secure.
Using Environment Variables
You should never hardcode API keys, passwords, or tokens directly in your script code. Instead, use LiteLambda's Environment Variables feature.
- Go to the Edit page for your Cron Job.
- Scroll down to the Environment Variables section.
- Add your key-value pairs (e.g., Key:
OPENAI_API_KEY, Value:sk-12345...). - Click Save Changes.
Accessing Variables in Python
Once you've added your environment variables in the dashboard, they are securely injected into your script's execution container at runtime. You can access them using Python's standard os.environ module.
import os
import requests
def handler(event, context):
# Retrieve the secret from the environment
api_key = os.environ.get("OPENAI_API_KEY")
if not api_key:
raise ValueError("Missing OPENAI_API_KEY environment variable")
headers = {
"Authorization": f"Bearer {api_key}"
}
# ... use the API key ...
return {"status": "success"}
Security Context
Are my environment variables secure?
- Encrypted at Rest: Your environment variables are encrypted in the LiteLambda database.
- Isolated Execution: Your code runs in a completely isolated, ephemeral container. There is zero risk of a "noisy neighbor" extracting your keys from environment memory.
- Hidden Values: Once saved, the values of your environment variables are obfuscated in the dashboard UI.
Warning: Do not print secrets! Be extremely careful not to
print() your API keys or include them in the return dictionary of the handler function. All stdout and return values are saved to your execution logs and are visible in your dashboard.