Lambda functions use environment variables , you can set dynamically passed to the function code and libraries, without any code changes. Environment variables that you use AWS Lambda Console, AWS Lambda CLI or AWS Lambda Development Kit to create as part of the function and modify the configuration key value pairs. AWS Lambda will then use the appropriate language supported by the standard API (such as for Node.js function of process.env these key value for Lambda functions available to your code.
You can use environment variables to help libraries to know the following information: the installation files, storage location of output, storage connectivity and logging settings. These settings only by separating the application logic, when you need to change the appropriate settings based on different function behavior will not need to update your function code.
Environment Variables encryption
When you create or update the environment variables Lambda functions, AWS Lambda will use the AWS Key Management Service to encrypt. When the system calls your Lambda functions, these values have been encrypted and are available Lambda code uses.
When you first create or update the environment variables Lambda functions in a certain area, the system will automatically create a default service key AWS KMS in for you. This key is used to encrypt the environment variable. However, if you want to use encryption to help program and use KMS encrypted environment variable after creating Lambda functions, you must create your own AWS KMS key and select it instead of the default key.