Decrypting SecureString Parameter Store parameters with Node.js

Josh Sherman

Parameter Store, part of AWS Systems Manager, gives you a quick and easy way to store parameters that you’d like to use in your applications. By selecting the SecureString type, you get the added bonus of encryption for your most secret parameters.

By default, when you fetch a SecureString type parameter, you will receive the encrypted version, which more than likely won’t be of much use to you:

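import * as AWS from 'aws-sdk';

const ssm = new AWS.SSM();

// Single parameter: without WithDecryption, a SecureString's Value comes back encrypted
const parameter = await ssm.getParameter({
	Name: 'secureParam',
}).promise();

// Several parameters by name: only the SecureString entries are affected
const parameters = await ssm.getParameters({
	Names: ['insecureParam', 'secureParam'],
}).promise();

// Every parameter under a path
const byPath = await ssm.getParametersByPath({
	Path: '/secureParams/',
}).promise();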

Fortunately, decrypting the parameters takes no real effort: there are no keys to store and no additional processing to do manually. To fetch the SecureString type parameters and have them decrypted along the way, simply include the WithDecryption property:

import * as AWS from 'aws-sdk';

const ssm = new AWS.SSM();

// Single parameter: Value is now the decrypted plaintext
const parameter = await ssm.getParameter({
	Name: 'secureParam',
	WithDecryption: true,
}).promise();

// Several parameters by name: SecureString entries are decrypted
const parameters = await ssm.getParameters({
	Names: ['insecureParam', 'secureParam'],
	WithDecryption: true,
}).promise();

// Every parameter under a path, decrypted where needed
const byPath = await ssm.getParametersByPath({
	Path: '/secureParams/',
	WithDecryption: true,
}).promise();
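
As an added example (not code from the original post), the getParametersByPath call above can be wrapped so that it follows pagination and masks decrypted SecureString values before anything is logged. The helper names, the stub client and its sample values are constructed for illustration; in an application you would pass `new AWS.SSM()` instead of the stub.

```javascript
// Works with any client exposing the aws-sdk v2 call shape used on this page.
async function loadDecryptedByPath(ssm, path) {
  const loaded = [];
  let nextToken;
  do {
    // WithDecryption only affects SecureString; String/StringList are unchanged.
    const page = await ssm.getParametersByPath({
      Path: path,
      WithDecryption: true,
      ...(nextToken ? { NextToken: nextToken } : {}),
    }).promise();
    loaded.push(...(page.Parameters || []));
    nextToken = page.NextToken; // results are paginated; continue until absent
  } while (nextToken);
  return loaded;
}

// Log-safe view: decrypted SecureString values are plaintext secrets from here
// on, so mask them before they reach logs or error reports.
function redactForLog(parameters) {
  return parameters.map(({ Name, Type, Value }) => ({
    Name,
    Type,
    Value: Type === 'SecureString' ? '[REDACTED]' : Value,
  }));
}

// Constructed stub standing in for AWS.SSM so the example runs offline.
// It serves two pages; the NextToken is the index of the next page.
function makeStubSsm() {
  const pages = [
    { Parameters: [{ Name: '/secureParams/apiKey', Type: 'SecureString', Value: 'constructed-api-key' }], NextToken: '1' },
    { Parameters: [{ Name: '/secureParams/region', Type: 'String', Value: 'us-east-1' }] },
  ];
  const calls = [];
  return {
    calls,
    getParametersByPath(params) {
      calls.push(params);
      return { promise: async () => pages[Number(params.NextToken || 0)] };
    },
  };
}

loadDecryptedByPath(makeStubSsm(), '/secureParams/')
  .then((params) => console.log(redactForLog(params)));
```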