For some secure web application, especially backend services requires high security protection. Most of our environment variables such as database credentials, API secrets etc are stored in .env file in most of web applications.
But this can bring us a big security hole if the server is breached. Thus, nowadays some products wants to store the env variables on a strongly secured place and load them in runtime. There are many services which provides such secure storage but AWS Secrets Manager is one of them.
AWS Secrets Manager provides the env variables via API. Documentation is here https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html
In Node.js backend projects, there are couple of NPM packages which provides API interface for the AWS Secrets.
jsecrets is one of the NPM packages.
https://www.npmjs.com/package/jsecrets
We can make the Node.js main process to load the env first asynchronously and boot other services such as database connection after that.
