npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

xregion-ssm-parameter-reader

v0.0.5

Published

Easy-to-use CDK construct for reading SSM parameters in a cross-account cross-region fashion, overcoming the limits of the native SSM parameter.

Downloads

623

Readme

Cross-region cross-account SSM parameter reader construct for AWS CDK

Easy-to-use CDK construct for reading SSM parameters in a cross-account cross-region fashion, overcoming the limits of the native SSM parameter.

Introduction

This construct has been created to be able to share pieces of information across regions (and accounts) in deployment pipelines but it can be used also outside of the CI/CD context.

Cross-region example

This strategy is particularly useful in case of a deployment pipeline where you want to share the same parameter across regions within the same account.

As part of a stack deployed in region-1, create the parameter as usual:

new StringParameter(this, 'param', {
    parameterName: '/param/name'
    stringValue: 'param value',
});

When in region-2, use the following to read the parameter value:

const paramValue = new SSMParameterReader(this, 'SSMParameterReader', {
    parameterName: '/param/name',
    region: 'region-1',
}).retrieveParameterValue();

Cross-account example

This strategy is useful still in a deployment pipeline but to share a parameter across regions and accounts. For example, let's assume we want to share the same transit gateway across accounts and regions. The pipeline can be deployed in a CICD account, separated from the usual target accounts (i.e. dev, test and prod).

In this case you would share the resource using Resource Access Manager (out of scope for this example) and you will create two parameters in region-1 and in the CICD account, to share the transit gateway ID and the shared resource ARN:

const principals = [ new AccountPrincipal(devAccount), new AccountPrincipal(testAccount), new AccountPrincipal(prodAccount)];

const transitGWParam = new StringParameter(this, 'transitGWParam', {
    parameterName: 'transitGW',
    stringValue: transitGW.attrId,
});

const transitShareParam = new StringParameter(this, 'transitShareParam', {
    parameterName: 'transitShare',
    stringValue: resourceShare.attrArn,
});

new Role(this,'transitRole',{
    assumedBy: new CompositePrincipal(...principals),
    roleName: 'transit-role-region-1'
}).addToPrincipalPolicy(new PolicyStatement({
    actions: [ 'ssm:GetParameter*' ],
    resources: [ transitGWParam.parameterArn, transitShareParam.parameterArn ]
}));

When in region-2 and in one of the target accounts, to read the parameters value:

const cicdAccount = 12345678;
const cicdRegion = region-1;

const transitGW = new SSMParameterReader(this, 'transitGWReader', { 
    parameterName: 'transitGW', 
    region: cicdRegion,
    roleArn: `arn:aws:iam::${cicdAccount}:role/transit-role-${cicdRegion}`
}).retrieveParameterValue();