Load Secrets from env.yml

Link to chapter - https://serverless-stack.com/chapters/load-secrets-from-env-yml.html

I am getting this error.

    "statusCode": 500,
    "headers": {
        "Access-Control-Allow-Origin": "*",
        "Access-Control-Allow-Credentials": true
    "body": "{\"message\":\"You did not provide an API key, though you did set your Authorization header to \\\"null\\\". Using Bearer auth, your Authorization header should look something like 'Authorization: Bearer YOUR_SECRET_KEY'. See https://stripe.com/docs/api#authentication for details, or we can help at https://support.stripe.com/.\"}"

If I hard code const stripe = stripePackage(“sk_test_******” ); into billing.js it works but if I follow instructions to access it through env.yml I get the above error.

Any idea what is going wrong?

1 Like

The problem is mostly solved. I found that if I put the environmental variables in the billing function in serverless.yml (as per https://serverless-stack.com/chapters/serverless-environment-variables.html), I can access them. But anywhere else the variable will be passed as undefined.

Hmm can you make sure that the env.yml is correctly placed in the same folder as your serverless.yml?

I have the same issue.

Can you post some details on the issue you are having?

It seems that it is not possible for us to access the secret keys from the env.yml when using them in the billing.js file.

Instead it returns ‘undefined’:


As a work around we hard code them in the API request and it works.

/// Hardcoding the secret key
const secretAPIKey = “sk_test_I0kUXXXXXXXXXXXX”

export async function main(event, context) {
const { storage, source } = JSON.parse(event.body);
const amount = calculateCost(storage);
const description = “Scratch charge”;

// Using the hard coded key instead of loading it from the  environment variables
const stripe = stripePackage(secretAPIKey);

Are you running this locally? Cos it works fine in the sample repo.

am following the tutorial exactly as written, and I also get this 500 error

For 500 errors you should be able to log them. Whats the error you are seeing?

Why not just put you stripe key in SSM as a secureString, and pull it out in the lambda when you need it?

You could. But this chapter is to introduce the idea of Lambda environment variables. We’ll have a chapter on SSM coming out soon.

I replaced “process.env.stripeSecretKey” with “process.env.STRIPE_SECRET_KEY” so that billing.js retrieves the variable for itself. I guess the serverless.yml is supposed to be tying things together but it isn’t doing that properly. This way, the variables are still stored locally, so idk why this isn’t done like this in the firs place. Can anyone explain why we the serverless.yml is supposed to load the environment variable, and how calling billing.js is supposed to be retrieving the environment variables from serverless.yml? Did I miss something that is supposed to tie the billing.js to the serverless.yml?

1 Like

Well so the latest version of this chapter (https://serverless-stack.com/chapters/load-secrets-from-env.html) uses the dotenv plugin (https://github.com/colynb/serverless-dotenv-plugin) to take everything in the .env file and add it as an environment variable in your Lambda function. Hope that makes sense.

I just tried it and it works out of the box, particularly when I spell stripeSecretKey correctly :smiley:

1 Like

Make sure yourt indentation is correct in your serverless.yml file.
environment is indented under provider.

I got stuck on that one for a little while.

1 Like

When I tried following all of the tutorial instructions I got an undefined secret key


But when I used a @gommster’s suggestion, it just worked


@jayair My original intention was to make a single post but the page forced me to use 1 image per post

No worries, glad you figured it out.