SSM Parameter Store

Build on your understanding of SSM by learning about Parameter Store.

SSM Parameter Store

SSM Parameter Store allows us to store and retrieve configuration data as key-value pairs. It’s serverless, scalable, secure storage that can be used for sensitive data such as passwords and encryption keys.

Points to note:

  • We can encrypt data in the SSM Parameter Store using KMS.
  • SSM Parameter Store provides versioning, allowing us to roll back to a previous version of data.
  • We can set access policies on parameters to control who can view, modify, or delete them.
  • All changes made to parameters can be audited using AWS CloudTrail.
  • SSM Parameter Store can be integrated with other AWS services such as Lambda, Elastic Beanstalk, EC2, and CloudFormation.
  • SSM Parameter Store doesn’t rotate data values automatically. We can use SSM Automation to rotate Parameter Store values.
  • It’s a great service for sharing secrets across accounts and AWS Regions.
  • We can organize our parameters in a hierarchical structure, making it easy to manage and retrieve them. For example, we can name our parameters environment/service/type:

Get hands-on with 1200+ tech skills courses.