Getting String and SecureString Parameter Store parameters with Node.js

Josh Sherman
1 min read
Software Development AWS Node.js

Parameter Store has slowly become one of my favorite things about AWS. It makes it easy to share things between ECS tasks and services, and Lambdas. The parameters can be references inside of a CodeBuild buildspec file, and it’s all language agnostic, which is handy if you are running different technologies across your infrastructure.

With support for both String and SecureString parameter types, you can choose your own adventure in terms of how securely stored a parameter needs to be. I opt to use SecureString for anything sensitive (passwords, API keys, and such) and String for just about everything else.

While there is also a StringList type, I don’t ever use it. I’m sure it’s a fine parameter type, but as all it does is store a comma separated list of strings, and doesn’t have a SecureStringList counterpart, I don’t see the need in reaching for it.

So let’s say you have a mix of String and SecureString parameters. We know that if we want to fetch a SecureString, we have to pass in the WithDecryption parameter when making the request. Does that mean we’ll have to make separate requests, one with WithDecryption and one without WithDecryption (or with it set to false)?

Nope, as it turns out, the WithDecryption value can be set when getting plain ol’ String parameter types. It’s smart enough to know that the value doesn’t need decrypted and will return the value. Because of this, we can fetch both String and SecureString parameter types together:

import * as AWS from 'aws-sdk';

const ssm = new AWS.SSM();

const parameters = await ssm.getParameters({
	Names: ['insecureParam', 'secureParam'],
	WithDecryption: true,
}).promise();
Join the Conversation

Good stuff? Want more?

Weekly emails about technology, development, and sometimes sauerkraut.

100% Fresh, Grade A Content, Never Spam.

About Josh

Husband. Father. Pug dad. Musician. Founder of Holiday API, Head of Engineering and Emoji Specialist at Mailshake, and author of the best damn Lorem Ipsum Library for PHP.

Currently Reading

Parasie Eve

Previous Reads

Buy Me a Coffee Become a Sponsor

Related Articles