Encrypt secret configuration at rest in Vault. Access keys either:
- Encrypted variables never exposed to AWS/in console.
- Could be written in to a library and re-used based on approles.
Suggest using eslint as a linter and plug this into the Circle CI build process.
Suggest using airbnb's styleguide as it's very strict and hand-holdey, and provides good references as to why.