by Justin Cook
Hi All,
I know we have been waiting for this feature set to go GA for some time, since we all have hacks for it but yes, it is finally here.
Before we begin, letโs cover the basics: Parameter Store is part of the application management tools offered by the AWS Systems Manager (SSM) service. Parameter Store allows you to create key-value parameters to save your application configurations, custom environment variables, product keys, and credentials on a single interface. Parameter Store allows you to secure your data by encryption which is integrated with AWS KMS.
Just remember: With an advanced secure string parameter value, Parameter Store uses the AWS Encryption SDK to decrypt the parameter value. This requires a call to AWS KMS to decrypt the encrypted data key.
Parameter Store, a capability of AWS Systems Manager that provides secure storage for configuration data by storing the entire encrypted message in the secure string parameter value, now allows you to share advanced-tier parameters with other AWS accounts, enabling you to centrally manage your configuration data. Parameters are key-value pairs that you can reference in code and through several AWS integrations such as AWS CloudFormation and Amazon EC2. Today, many customers have workloads in multiple AWS accounts that depend on shared configuration data. Now, you can maintain a single source of truth for configuration data by sharing parameters with other accounts that need access rather than manually duplicating and synchronizing data across accounts.
You can use central AWS accounts to share parameters for many cross-account scenarios, such as referencing centrally managed โgoldenโ AMI IDs in EC2 Launch Templates for autoscaling, Virtual Private Cloud (VPC) IDs and domain join passwords in CloudFormation templates, and API keys in distributed applications. To share parameters, you add them to an AWS Resource Access Manager resource share. This allows you to select which parameters you want to share, principals you want to share with (e.g. AWS Organization), and permissions to grant.
Find out more about working with Shared Parameters here:
https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-shared-parameters.html
Thanks and Contact Us with any questions!
