samhstn/website

Make better use of ssm and template parameters

Closed this issue · 0 comments

samhstn commented

We current are using ssm excessively and not making use of cloudformation parameters.

We should use ssm for values which won't change and cloudformation parameters for dynamic values.

We could also look to hardcode certain values (such as GithubOwner and GithubRepo).

We should consolidate every key that we are using and decide how it should be managed.

The following is one better way our parameters could be managed:

Hardcoded in template

  • GithubOwner - will be samhstn and unlikely to change.
  • GithubRepo - will be samhstn and unlikely to change.

Cloudformation parameter

  • GithubBranch - should be overridable, for example when deploying a dev branch.
  • Namespace - should be overridable, for example when deploying a dev stack.
  • DomainName - should be overridable when deploying to url dev.samhstn.com.

Ssm parameter

  • AcmCertArn - will rarely be updated, but should be configured once.
  • DockerfileDigest - see #50

Secrets manager parameter

  • GithubPAToken
  • GithubSecret