AWS Lambda Environment Variables: Console, CLI, SAM & CDK
How to set and manage environment variables in AWS Lambda. Covers the console, CLI, SAM templates, CDK, Terraform, KMS encryption, and Secrets Manager integration.
Last updated:
Frequently Asked Questions
What is the size limit for Lambda environment variables?
AWS Lambda allows up to 4 KB total for all environment variables combined (keys + values). If you need more, store configuration in AWS Systems Manager Parameter Store or Secrets Manager and fetch it at runtime.
How do I encrypt Lambda environment variables?
Lambda encrypts all environment variables at rest with a default AWS KMS key. For additional security, use a customer-managed KMS key and encrypt sensitive values before deploying. Decrypt them at runtime using the AWS KMS SDK.
Should I use environment variables or Secrets Manager for Lambda?
Use environment variables for non-sensitive configuration (feature flags, API endpoints, region names). Use Secrets Manager or Parameter Store for sensitive data (API keys, database passwords) — they provide rotation, audit trails, and cross-account access.
Stay up to date
Get notified about new guides, tools, and cheatsheets.
Related Cheatsheets
Related Guides
Vercel Environment Variables: Dashboard, CLI & Edge
How to configure environment variables on Vercel. Covers the dashboard, CLI (vercel env pull), system variables, per-environment settings, and Edge function access.
Next.js Environment Variables: Complete Guide
How Next.js handles environment variables: .env files, NEXT_PUBLIC_ prefix, server vs client access, load order, and common production errors.
GitHub Actions: Secrets vs Environment Variables
When to use repository secrets, environment secrets, and configuration variables in GitHub Actions. Includes workflow examples for Node.js, Python, and Docker.