Secure and Centralized Config Management: A Node.js Workshop on AWS SSM Parameter Store

AWS Systems Manager Parameter Store provides a centralized store to manage configuration data, secrets, and other sensitive information. This information can be both plain text and encrypted data. You can store data such as passwords, database strings, Amazon Machine Image (AMI) IDs, and license codes as parameter values. You can reference Systems Manager parameters in your scripts, commands, SSM documents, and configuration and automation workflows by using the unique name that you specified when you created the parameter. SSM Parameter Store is part of the AWS Systems Manager suite of management services that helps you automate management tasks across your AWS resources.

Parameter Store is also integrated with Secrets Manager. You can retrieve Secrets Manager secrets when using other AWS services that already support references to Parameter Store parameters. For more information, see Referencing AWS Secrets Manager secrets from Parameter Store parameters.

Types of Parameters

  • String: Simple, plaintext string. Useful for storing configuration data. Examples:

      abc123
    
      Example Corp
    
      <img src="images/bannerImage1.png"/>
    
  • StringList: A comma-separated list of strings. Also useful for storing configurations that can have multiple values. Examples:

      Monday,Wednesday,Friday
    
      CSV,TSV,CLF,ELF,JSON
    
  • SecureString: An encrypted string value, often used for storing secrets and sensitive information.

Workshop Exercise: Testing SSM Parameter Store using NodeJS and AWS SDK

Prerequisites

  1. Install Node.js and npm. This workshop was tested on NodeJS v20.2.0

  2. Install AWS CLI and configure it with your AWS credentials (aws configure).

  3. Create an IAM role with the necessary permissions to access the SSM Parameter Store.

Steps

Step 1: Initialize your Node.js project

Create a folder and initialize a Node.js project.

mkdir ssm-parameter-store-example
cd ssm-parameter-store-example
npm init -y

Step 2: Install AWS SDK

Run the following command to install the AWS SDK and necessary JavaScript v3 SDK packages. More info at Migrating your code to SDK for JavaScript V3

npm install aws-sdk
npm install @aws-sdk/client-ssm

Step 3: Create a JavaScript file and Add Code

Create a new file called index.js and add the following code.

const { SSMClient, GetParameterCommand } = require("@aws-sdk/client-ssm");

const ssmClient = new SSMClient({ region: "us-east-1" });

// Fetch a String parameter
const getStringParameter = async () => {
  const params = {
    Name: "myStringParameter"
  };
  const command = new GetParameterCommand(params);
  const response = await ssmClient.send(command);
  console.log("String Parameter:", response.Parameter.Value);
};

// Fetch a StringList parameter
const getStringListParameter = async () => {
  const params = {
    Name: "myStringListParameter"
  };
  const command = new GetParameterCommand(params);
  const response = await ssmClient.send(command);
  const values = response.Parameter.Value.split(",");
  console.log("String List Parameters:", values);
};

// Fetch a SecureString parameter
const getSecureStringParameter = async () => {
  const params = {
    Name: "mySecureStringParameter",
    WithDecryption: true
  };
  const command = new GetParameterCommand(params);
  const response = await ssmClient.send(command);
  console.log("Secure String Parameter:", response.Parameter.Value);
};

// Uncomment these function calls to test
getStringParameter();
getStringListParameter();
getSecureStringParameter();

Step 4: Add Parameters to SSM Parameter Store

  1. Log into the AWS Console.

  2. Go to Systems Manager -> Parameter Store.

  3. Create parameters:

    • Name: myStringParameter, Type: String, Value: Hello World

    • Name: myStringListParameter, Type: StringList, Value: Value1,Value2,Value3

    • Name: mySecureStringParameter, Type: SecureString, Value: SecretValue

Step 5: Run the code

Run the code to fetch the parameters.

node index.js

This will fetch and display the parameters from the SSM Parameter Store.

Remember to uncomment the function calls for the specific types you want to test in the index.js file.

Complete

You've successfully used the AWS SDK for Node.js to interact with the AWS SSM Parameter Store. You can now expand upon this to fetch parameters for your applications securely and reliably.

Full code available at: https://github.com/Brain2life/aws-sdk-cookbook/tree/main/get-parameters-from-ssm

References

  1. AWS Systems Manager Parameter Store

  2. https://github.com/Brain2life/aws-sdk-cookbook/tree/main/get-parameters-from-ssm