I have a (extremely basic but perfectly working) AWS lambda function written in Python that however has embedded credentials to connect to: 1) an external web service 2) a DynamoDB table.
What the function does is fairly basic: it POSTs a login against a service (with credentials #1) and then saves part of the response status into a DynamoDB table (with AWS credentials #2).
These are the relevant parts of the function:
h = httplib2.Http()
auth = base64.encodestring('myuser' + ':' + 'mysecretpassword')
(response, content) = h.request('https://vca.vmware.com/api/iam/login', 'POST', headers = {'Authorization':'Basic ' + auth,'Accept':'application/xml;version=5.7'})
and then
conn = boto.connect_dynamodb(aws_access_key_id='FAKEhhahahah',aws_secret_access_key='FAKEdhdhdudjjdjdjhdjjhdjdjjd')
How would you go about cleaning the code by NOT having these credentials inside the function?
FYI this function is scheduled to run every 5 minutes (there is no other external event that triggers it).