Doug Toppin's Blog

My thoughts on technology and other stuff

AWS SSM and the Parameter Store

An issue that I regularly encounter is how to store things like passwords and tokens in a manner that allows access to them across ec2 instances and desktops. One way is to use the AWS SSM parameter store. (admin console->ec2->Parameter Store). All you need to do is use the ‘create parameter’ function with a name and value. Retrieving it will return a json object that includes the value.

Accessing it via the cli is then done like this:

$ aws ssm get-parameters --names "test-parameter-1"
{
    "Parameters": [
    {
        "Name": "test-parameter-1",
        "Type": "String",
        "Value": "test value 1"
        }
    ],
    "InvalidParameters": []
}

An example of parsing a specific value using jq follows

$ aws ssm get-parameters --names "test-parameter-1" |jq .Parameters[].Value
"test value 1"

Finding what parameters are available can be done like this:

$ aws ssm describe-parameters
{
    "Parameters": [
    {
        "LastModifiedDate": 1499869122.618,
        "Name": "test-parameter-1",
        "Description": "experimenting with parameter store stuff",
        "Type": "String",
        "LastModifiedUser": "arn:aws:iam::xxx:user/xxx"
        }
    ]
}

Creating a parameter via the aws cli would look like this

$ aws ssm put-parameter --name test-parameter-2 --type String  --value test-value-2

Comments