A very useful feature of the AWS Lambda service is that you can specify your own environment variables to be set at the OS-level during each invocation. You can access these through your code.

This is a great way to parameterize certain variables that are likely to change throughout your code's life cycle, for example, the endpoint of a database.

This is also the perfect place for securing credentials so that they stay out of the code. Environment variables are encrypted automatically using the AWS Key Management Service (KMS). Using environment variables for credentials is one way to make sure they are secure, but maintaining these can get out of control quickly when you start deploying tens or hundreds of Lambda functions. ...