SSM Parameter Store custom resource for CloudFormation templates
Switch branches/tags
Nothing to show
Clone or download
aidansteele Merge pull request #1 from rubendura/master
Allows choosing a different encription key
Latest commit 3ba40fe Jul 6, 2017
Permalink
Failed to load latest commit information.
README.md Initial commit Mar 12, 2017
cfn.yml Allows choosing a different encription key Jul 5, 2017
example.yml Initial commit Mar 12, 2017

README.md

SSM Parameter Store helper for CloudFormation templates

You know what's lame? CloudFormation not (yet) having support for storing values in Parameter Store. You know what's less lame? Lambda-backed custom resources so that we can polyfill this ourselves. Simply deploy cfn.yml into your AWS region and use like this:

AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  SecretValue:
    Description: Sssh, it's a secret
    Type: String
    NoEcho: true
Resources:
  SecureParam:
    Type: Custom::CfnParamStore
    Properties:
      ServiceToken: !ImportValue CfnParamStore
      Type: SecureString
      Value: !Ref SecretValue
Outputs:
  ParamArn:
    Description: Arn of param in SSM param store
    Value: !GetAtt SecureParam.Arn

Note that neither CloudFormation, Lambda nor Parameter Store are global resources, so you will have to deploy the helper stack into each region that you wish to use this in.