Hari Karthigasu for AWS Community Builders


Share Securely

Securely sharing confidential information between team members is one of the critical tasks we have to perform during our day-to-day life.

There are platforms we can use to share passwords or sensitive data, such as onetimesecret.com and scrt.link. Primarily, they provide a one-time link to access your secret. The link disappears once you access it.

In this article, I’ll be illustrating how we can implement a similar application via the AWS Serverless ecosystem.

Architecture

As shown above in the diagram, the web application has been hosted in AWS Amplify. It allows users to store and read their secrets.

The web application is backed by two Lambda functions, which manage the DB operations. (For demo purposes, I have used Lambda function URLs.)

The data will be stored in DynamoDB.


Add a Secret
Adding a secret has three steps:

  • Enter the Message.
  • Enter a secret key to protect your message.
  • Select the expiration time for the secret.

After the submission, the web application invokes a Lambda function URL to insert the data into DynamoDB.

Read a Secret

  • Access the shared link
  • Enter the provided Secret Key
  • Your secret will be displayed.


After a successful retrieval, the secret is deleted from the database immediately.

Workflow


The DynamoDB table has 4 attributes: SecretID (PK), ExpirationTime (SK), Message, and SecretKey.

TTL has been enabled on the ExpirationTime attribute. DynamoDB deletes the record once it reaches the TTL value. This operation doesn't consume write capacity. However, DynamoDB TTL is not real-time: it can take 24H-48H to remove a record from the DB. For that reason, the Lambda that reads the data has logic to validate whether the requested secret has expired.
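An added example, not taken from the linked repository, of the read Lambda's core check: it refuses a secret whose ExpirationTime has passed even though TTL has not yet removed the row, and deletes the secret after one successful read. The in-memory dict standing in for the DynamoDB table, the function name `read_secret`, the status codes and the sample rows are assumptions.

```python
import hmac
import time

# Constructed in-memory stand-in for the DynamoDB table, keyed by SecretID.
# Attribute names follow the article; the sample rows are made up.
TABLE = {
    "a1": {"SecretID": "a1", "ExpirationTime": 1_700_000_600,
           "Message": "db password: example", "SecretKey": "tiger"},
    "b2": {"SecretID": "b2", "ExpirationTime": 1_700_000_000,
           "Message": "stale secret", "SecretKey": "lion"},
}


def read_secret(table, secret_id, supplied_key, now=None):
    """Return (status, message). Hypothetical handler core, not the repo's code."""
    now = int(time.time()) if now is None else now
    item = table.get(secret_id)
    if item is None:
        return 404, None
    # TTL deletion lags behind the expiry time, so an expired row can still
    # be present in the table. Treat it exactly like a missing secret.
    if item["ExpirationTime"] <= now:
        return 404, None
    # Compare the supplied key with the stored one in constant time.
    if not hmac.compare_digest(item["SecretKey"].encode(),
                               supplied_key.encode()):
        return 403, None
    # One-time read: remove the row before handing back the message,
    # so a second request for the same link finds nothing.
    table.pop(secret_id)
    return 200, item["Message"]
```

With real DynamoDB the same order applies: fetch the item, check `ExpirationTime` against the current epoch time, verify the key, then delete the item before returning the message.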

Demo

URL : https://secretshare.forexample.link

https://www.youtube.com/watch?v=q4W8R18ItzI

Source
https://github.com/harik8/temp-secret-share
