In the previous chapter, we created a Stripe account and got a pair of keys. Including the Stripe secret key. We need this in our app but we do not want to store this secret in our code. In this chapter, we’ll look at how to add secrets in SST.

We will be using the SST CLI to store secrets in the AWS SSM Parameter Store.

Change indicator Run the following in your project root.


You can run pnpm sst secrets list to see the secrets for the current stage.

Now that the secret is stored in AWS Parameter Store, we can add it into our stack using the Config construct.

Change indicator Add the following below the use(StorageStack) line in stacks/ApiStack.ts:

const STRIPE_SECRET_KEY = new Config.Secret(stack, "STRIPE_SECRET_KEY");

Change indicator Import Config in stacks/ApiStack.js. Replace the following.

import { Api, StackContext, use } from "sst/constructs";

Change indicator With:

import { Api, Config, StackContext, use } from "sst/constructs";

Change indicator Next, bind STRIPE_SECRET_KEY to the API in stacks/ApiStack.ts. Replace this:

function: {
  bind: [table],

Change indicator With:

function: {
  bind: [table, STRIPE_SECRET_KEY],

This will add STRIPE_SECRET_KEY as a secret in the stack. And allow our API to access the secret.

Now we are ready to add an API to handle billing.