Hello Readers! We are again back with a new interesting service of AWS. Here we will get to know all about the AWS Parameter store. Firstly we will see what is AWS Parameter store, what are its features, and why to use this service. After that, we will see the steps of using this AWS service.
Introduction to AWS Parameter store:
AWS Parameter store is a part of the AWS System service manager. Basically, it’s a vault in the cloud provided by AWS. It can be used for the centralized management of passwords, and for storing confidential information such as secrets, strings, and codes. And it can be later safely used in scripts or any services. AWS parameter keeps track of version history when these values change.
- Parameters are pairs stored in the form of key: value.
- Encrypts sensitive parameters.
- These parameters can be securely used in scripts, documents, and other AWS services.
- It can be easily integrated with other AWS services like lambda, cloud formation, etc.
- It also uses the IAM policy to control access to parameters.
- It supports a version-tracking feature by which parameter changes can be tracked. Can also get a notification if changes are made to the parameter.
- It is also used to store nested secrets as shown in the flow below:
So, this is how it is stored in nested formats. Here each parameter can be easily accessed by knowing the hierarchy of the parameters.
Create and store secrets in the AWS Parameter store:
Step 1: Open AWS Management Console. Search for Parameter store.
So Click on create parameter.
Step 2: Enter a parameter name and path. Give here a description of the parameter store.
Step 3: Select tier. AWS Parameter store provides two options standard and advanced tier.
- Standard tier: It has a limit of 10,000 parameters and sizes of up to 4Kb. Parameter policies cannot be applied. No additional charge is charged.
- Advanced tier: It has a limit of more than 10,000 parameters and a size of up to 8Kb. Parameter policies can be applied. Here additional charge is charged.
Step 4: Choose the type of parameter store you want to use. Types can be:
- String: It is any string value. It will be an unencrypted parameter value.
- StringList: It is any separate string using commas. It will be an unencrypted parameter value.
- SecureString: It is encrypted sensitive data using KMS keys from your account or another account.
I will go forward with SecureString.
Step 5: Now, select AWS KMS source. We have two options here my current account and another account. Choose KMS key id.
Step 6: Give here the value for the parameter. As we are using a secure string it will be in an encrypted format.
Step 7: Adding a tag is optional. So Click on Create parameter.
Yes, it is created successfully now as we can see below.
So its detailed view can be seen from here. The parameter value is present in encrypted form.
Now, this is all ready for use.
So, We are all done now!!
Thank you for sticking to the end. So, in this blog, we have learned how to use the AWS parameter store. This is really very quick and simple. Therefore if you like this blog, please share my blog and show your appreciation by giving thumbs-ups, and don’t forget to give me suggestions on how I can improve my future blogs that can suit your needs.