AWS SSM Parameter Store Overview

• Secure Storage: SSM Parameter Store provides secure storage for configuration data and secrets.
• Encryption: Optional encryption of stored parameters using AWS KMS for enhanced security.
• Serverless: The service is serverless, meaning it scales automatically and requires no infrastructure management.
• SDK Integration: Offers an easy-to-use SDK for integration with applications.
• Version Tracking: Supports version tracking for parameter updates.
• IAM Security: Access control is managed through AWS Identity and Access Management (IAM).
• EventBridge Notifications: Integration with Amazon EventBridge for receiving notifications on specific events.
• CloudFormation Integration: Parameters can be used as inputs for AWS CloudFormation stacks.

Examples of Usage

• Plain Text Configuration: Store non-sensitive configuration data as plain text.
• Encrypted Configuration: Store sensitive data encrypted with AWS KMS, ensuring applications have access to the necessary KMS keys.
• Hierarchical Organization: Organize parameters in a hierarchical structure (e.g., /department/my-app/dev/db-url).
• IAM Policy Simplification: Structure allows for simplified IAM policies targeting departments, apps, or specific environments.
• Secrets Manager Integration: Access Secrets Manager secrets through Parameter Store using specific references.
• Public Parameters: Utilize AWS-provided public parameters, such as the latest Amazon Linux 2 AMI for a region.

Systems Manager Parameter Tiers

• Standard Tier:
  • Size limit: 4KB
  • Parameter policies: None
  • Cost: Free
• Advanced Tier:
  • Size limit: 8KB
  • Parameter policies: Available
  • Cost: $0.05 per month