:zap: serverless-ssm-publish
Publish custom data to AWS SSM Parameter Store from serverless.yaml or Cloud Formation Output
Install
- Install with your choice of npm/yarn
npm install serverless-ssm-publish --save-dev
yarn add serverless-ssm-publish --save-dev
- Add the plugin to your
plugins
section in the serverless.yaml
plugins:
- serverless-ssm-publish
Usage
During deployment
Add any params you want published to SSM to your serverless.yaml custom section.
You can use source
to give the name of a Cloud Formation Output value you want published to SSM.
Ssm publish compares existing values and will only write if no value exists/ the value has changed.
resources:
Outputs:
ExampleStaticValue:
Value: example-static-value
Export:
Name: 'service-staticValue'
Description: initial description
custom:
secretToken: ${opt:secretToken}
vpc:
securityGroupIds: ['sg-nnnnnnnnnnnnn','sg-mmmmmmmmmm']
someConfiguration:
foo: bar
baz: 1
more:
- stuff
- here
ssmPublish:
enabled: true
params:
- path: /global/tokens/secretToken
value: ${self:custom.secretToken}
description: Super Secret Token
secure: true
enabled: false
- path: /global/tokens/secretToken
value: ${self:custom.someConfiguration}
- path: /service/config/storageBucket
source: ExampleStaticValue
secure: false
- path: /infrastructure/config/vpc/securityGroupIds
value: ${self:custom.vpc.securityGroupIds}
description: System VPC Security Group Ids
type: StringList
From the CLI
You can also call the plugin directly in order to update SSM params without running deployment/packaging.
sls ssmPublish