@code-dome/cdk-parameter-store
v1.64.0
Published
CDK helper class that retrieves and stores values from AWS SSM Parameter Store and AWS Secrets Manager
Downloads
10
Maintainers
Readme
cdk-parameter-store
CDK helper class that retrieves and stores values from AWS SSM Parameter Store and AWS Secrets Manager
Installation
$ npm install @code-dome/cdk-parameter-store
Usage
const { ParameterStore } = require('@code-dome/cdk-parameter-store');
// 1.1 Define key/value relationships for your parameter names as found in SSM Parameter Store
const parameters = {
myParameter: 'name/of/my/parameter/in/ssm',
apiURL: 'project/backend/api/url',
};
// 1.2 Define key/value relationships for your secret names (and version) as found in Secrets Manager
const secrets = {
superSecretValue :{
name: 'name/of/my/secret/in/secretsManager',
version: 1
},
}
class MyStack extends Stack {
constructor(scope, id, props) {
super(scope, id, props);
// 2. Create an instance of ParameterStore in the scope of your stack, construct or stage
const store = new ParameterStore(this);
// 3. Load parameter names
const cleanParameters = store.loadStringsWithNames(parameters);
const secureParameters = store.loadeSecureStringsWithNames(secrets);
// 4. Retreive parameter values (CDK resolvables)
const myParameter = cleanParameters.myParameter;
const myParameterAgain = store.getResolvableByKey('myParameter');
const myParameterYetAgain = store.getResolvableByName('name/of/my/parameter/in/ssm');
// Bonus. You can load more parameters later
const myOtherParameter = store.loadStringWithName('my/other/parameter', 'myOtherParameter');
const myOtherParameterAgain = store.getResolvableByKey('myOtherParameter');
const myOtherParameterYetAgain = store.getResolvableByName('my/other/parameter');
}
}
Important Notes
- ParameterStore is not a construct or a stack, it does not create any resources in AWS
- The instance still needs the scope of your stack, construct or stage so that CDK knows which account/region to search in.
- If the parameter does not exist, CDK will crash and burn.
- Current version of this module will only retrieve the latest version of the secret or parameter.
- Secure strings in SSM Parameter Store are not available in CDK as of CDK 1.64.0
Class Definition
Properties
- scope: The scope of the parent stack, construct or stage.
- resolvableParametersByKey:
{ key1: 'value', ... }
All loaded parameter and secret values by key. - resolvableParametersByName:
{ name1: 'value', ... }
All loaded parameter and secret values by name.
Methods
constructor(scope: Construct): ParameterStore
Initializes instance propertiesexposeValue(value: string, name: string, key: string): string (IResolvable)
Adds avalue
to theresolvableParametersByKey
andresolvableParametersByName
with the givenname
andkey
getResolvableByKey(key: string): string (IResolvable)
Returns the loaded value with keykey
getResolvableByName(name: string): string (IResolvable)
Returns the loaded valueloadSecureStringWithName({ name: string, version: Number }, key: string): string (IResolvable)
Loads content of Secret with namename
from Secrets Manager, then exposes the value bykey
andname
usingexposeValue()
loadSecureStringsWithNames(secretNames: Object <{ key: { name: string, version: Number }, ...}>): Object <{ key: string (IResolvable), ... }>
CallsloadSecureStringWithName()
for each key insecretNames
loadStringWithName(name: string, key: string): string (IResolvable)
Lookup of string parameter namedname
in SSM, then exposes the value bykey
andname
usingexposeValue()
loadStringsWithNames(parameterNames: Object <{ key: 'name', ...}>): Object <{ key: string (IResolvable), ... }>
CallsloadStringWithName()
for each key inparameterNames
Test
npm test
TODO
- Handle version in SSM and Secrets
- Handle StringListParameter