creating ssm secure string with cloudformation

Since August 2018 AWS CloudFormation supports AWS Systems Manager Secure String Parameters in CloudFormation Templates.

I have been searching high and low but wasn't able to find a way to create an ssm-secure-string via CloudFormation like I can do it for a simple SSM parameter via

Type: "AWS::SSM::Parameter"
Properties: 
  AllowedPattern: String
  Description: String
  Name: String
  Type: String
  Value: String

Can someone help me out? Or is there no way to generate the ssm-secure string right now via CloudFormation?

Merci A

Faruq answered 12/9, 2018 at 17:10 Comment(1)
github.com/aws-cloudformation/… - Ignitron

As per current docs, it's not supported to create an SSM secure string via CloudFormation.

Note

AWS CloudFormation doesn't support the SecureString parameter type.

What was introduced in Aug 2018 is the support for SSM Secure String as Parameters in CloudFormation. Link

For the time being, CustomResource is the only way; however, having a raw value in any kind of infra template for a secure string is not recommended.

Updated (Nov 2019):

As per this, we can provide a 3rd party resource provider for such use cases. CustomResource is good but kind of repetitive if you use it in multiple stacks. So now I would prefer using these 3rd party resource providers for common use cases like secure SSM. It's fairly simple to implement as well.

Rap answered 13/9, 2018 at 0:56 Comment(3)
Merci, I will have a look into the Custom Resource technology. - Faruq
I believe that in 2021 one can use AWS::SecretsManager::Secret - Isolative
@Isolative let's not forget $.40 per secret, vs free with standard parameters. Costs are important to consider. - Franfranc
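
The custom-resource route mentioned in the answer above, shown as a Lambda handler that generates the value inside the function so that no raw secret sits in the template. This is an added example, not code from the answer or from AWS; the property names `Name` and `KeyId`, the `FAILED_ID` marker and the `handle` helper are assumptions made here.

```python
import json
import secrets
import urllib.request

FAILED_ID = "create-failed"  # hypothetical marker: nothing was created under this id


def handle(event, ssm):
    """Apply one custom-resource request and return the response body for CloudFormation."""
    props = event["ResourceProperties"]
    name = props["Name"]                      # assumed property names: Name, KeyId
    rtype, old = event["RequestType"], event.get("PhysicalResourceId")
    body = {"Status": "SUCCESS", "PhysicalResourceId": name, "NoEcho": True,
            "StackId": event["StackId"], "RequestId": event["RequestId"],
            "LogicalResourceId": event["LogicalResourceId"],
            "Data": {"Name": name}}           # the secret value is never returned
    try:
        if rtype == "Delete":
            body["PhysicalResourceId"] = old
            if old != FAILED_ID:
                ssm.delete_parameter(Name=old)
        elif rtype == "Create" or name != old:
            # The value is generated here, so it never appears in a template.
            args = {"Name": name, "Type": "SecureString", "Overwrite": False,
                    "Value": secrets.token_urlsafe(32)}
            if props.get("KeyId"):
                args["KeyId"] = props["KeyId"]
            ssm.put_parameter(**args)
        # Update with an unchanged Name: keep the stored value as it is.
    except Exception as exc:
        code = getattr(exc, "response", {}).get("Error", {}).get("Code", "")
        if not (rtype == "Delete" and code == "ParameterNotFound"):
            body["Status"] = "FAILED"
            body["Reason"] = code or type(exc).__name__
            if rtype != "Delete":
                # A later rollback Delete must not remove a parameter we did not create.
                body["PhysicalResourceId"] = old or FAILED_ID
    return body


def lambda_handler(event, context):
    import boto3  # present in the AWS Lambda Python runtime
    body = json.dumps(handle(event, boto3.client("ssm"))).encode()
    req = urllib.request.Request(event["ResponseURL"], data=body, method="PUT",
                                 headers={"Content-Type": ""})
    urllib.request.urlopen(req)
```

The function's execution role needs `ssm:PutParameter` and `ssm:DeleteParameter` on the parameter path, plus use of the KMS key when `KeyId` is set.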
