aws-cdk-lib.aws_ssm.SecureStringParameterAttributes

interface SecureStringParameterAttributes

LanguageType name
.NETAmazon.CDK.AWS.SSM.SecureStringParameterAttributes
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsssm#SecureStringParameterAttributes
Javasoftware.amazon.awscdk.services.ssm.SecureStringParameterAttributes
Pythonaws_cdk.aws_ssm.SecureStringParameterAttributes
TypeScript (source)aws-cdk-lib » aws_ssm » SecureStringParameterAttributes

Attributes for secure string parameters.

Example

const parameterVersion = Token.asNumber({ Ref: 'MyParameter' });

// Retrieve the latest value of the non-secret parameter
// with name "/My/String/Parameter".
const stringValue = ssm.StringParameter.fromStringParameterAttributes(this, 'MyValue', {
  parameterName: '/My/Public/Parameter',
  // 'version' can be specified but is optional.
}).stringValue;
const stringValueVersionFromToken = ssm.StringParameter.fromStringParameterAttributes(this, 'MyValueVersionFromToken', {
  parameterName: '/My/Public/Parameter',
  // parameter version from token
  version: parameterVersion,
}).stringValue;

// Retrieve a specific version of the secret (SecureString) parameter.
// 'version' is always required.
const secretValue = ssm.StringParameter.fromSecureStringParameterAttributes(this, 'MySecureValue', {
  parameterName: '/My/Secret/Parameter',
  version: 5,
});
const secretValueVersionFromToken = ssm.StringParameter.fromSecureStringParameterAttributes(this, 'MySecureValueVersionFromToken', {
  parameterName: '/My/Secret/Parameter',
  // parameter version from token
  version: parameterVersion,
});

Properties

NameTypeDescription
parameterNamestringThe name of the parameter store value.
encryptionKey?IKeyThe encryption key that is used to encrypt this parameter.
simpleName?booleanIndicates of the parameter name is a simple name (i.e. does not include "/" separators).
version?numberThe version number of the value you wish to retrieve.

parameterName

Type: string

The name of the parameter store value.

This value can be a token or a concrete string. If it is a concrete string and includes "/" it must also be prefixed with a "/" (fully-qualified).


encryptionKey?

Type: IKey (optional, default: default master key)

The encryption key that is used to encrypt this parameter.


simpleName?

Type: boolean (optional, default: auto-detect based on parameterName)

Indicates of the parameter name is a simple name (i.e. does not include "/" separators).

This is only required only if parameterName is a token, which means we are unable to detect if the name is simple or "path-like" for the purpose of rendering SSM parameter ARNs.

If parameterName is not specified, simpleName must be true (or undefined) since the name generated by AWS CloudFormation is always a simple name.


version?

Type: number (optional, default: AWS CloudFormation uses the latest version of the parameter)

The version number of the value you wish to retrieve.