Usage of SecureString parameters in custom documents

Question

Usage of SecureString parameters in custom documents

Closed this issue 6 years ago · 3 comments

Hi,
I can't make it work - I'm trying to use a secure string parameter from the Parameter Store.
{ "schemaVersion": "2.2", "description": " .", "parameters": { "securestring": { "type": "String", "description": "Path to the ssh key in ssm parameter store - ssm:path", "default": "{{ssm:/test/test}}" } }, "mainSteps": [ { "action": "aws:runShellScript", "name": "runShellScript", "inputs": { "runCommand": [ "#!/bin/bash", "securestring='{{securestring}}'", "echo $securestring" ] } } ] }
This code works with String but not with SecureString parameter(default ssm KMS key). Could you please point me what I need to change to make it work? The error message said nothing.

Answer 1 · 2019-02-04T19:01:52.000Z

Hi Kostiantyn, I'm sorry that you're having trouble getting your secure string parameter code to work. I don't see any obvious problems from looking at your sample. I'll send this sample to the Parameter Store engineers and see if they have any suggestions. I hope to reply very soon. Best wishes, -Jim

Answer 2 · 2019-02-04T19:22:58.000Z

Hi Kostiantyn, the Parameter Store developer told me that we don't support SecureString parameters in SSM Documents. Parameters must use either String or StringList in SSM Documents. I will review our documentation to see if we state this information clearly. Again, I'm sorry for any trouble this might have caused you. Best wishes, -Jim

Answer 3 · 2019-02-04T20:12:43.000Z

Thank you, Jim.