Sanchez333
Reputation: 408
Secure way to utilize AWS SSM parameter store to make API call
I need to write a lambda function which makes an API call (to Airflow) using credentials stored in AWS SSM parameter store. I have been supplied with the key id for the credentials.
How can I securely query the credentials and integrate them (again securely) into the API call?
Is this on the right track:
Import boto3
key_supplied = 'the key I was supplied with'
client = boto3.client('ssm')
def lambda_handler(event, context):
parameter =
client.get_parameter(Name='key_supplied', WithDecryption=True)
print(parameter)
return parameter ['Parameter']['Value']
Upvotes: 0
Views: 398
Answers (1)
ljmc
Reputation: 5315
I usually have a simple function in such lambda functions:
def get_ssm_param(param: str) -> str:
session = boto3.session.Session()
ssm = session.client("ssm")
return ssm.get_parameter(param, WithDecryption=True)['Parameter']['Value']
Then it can be used as
def lambda_handler(event, context):
secure_param = get_ssm_param("secure_param_key")
...
Upvotes: 2
Related Questions
- MongoDB shell: how to remove all collections except list
- how to remove all documents from a collection except one in MongoDB
- MongoDB: How To Delete All Records Of A Collection in MongoDB Shell?
- Delete all documents in MongoDB collections in Mongo shell
- how to clear _SCHEMA collection in mongodb
- MongoDB: Removing all collections whose name matches a string
- How to remove document from all collections in Mongo database
- MongoDB shell: How to remove specific elements in all the collections inside a DB
- MongoDB - Remove Objects From Collection
- How to remove given list of documents from collection mongodb