English / 日本語
Provides access control over parameters in Parameter Store on AWS Systems Manager.
This library is supposed to be combined with the AWS Cloud Development Kit (CDK) version 2.
npm install https://github.com/codemonger-io/cdk-ghost-string-parameter.git#v0.1.1
The only class this library provides is GhostStringParameter
.
Here is an example to use it:
import { GhostStringParameter } from 'cdk-ghost-string-parameter';
import { aws_iam as iam } from 'aws-cdk-lib';
import { Construct } from 'constructs';
class SampleConstruct extends Construct {
readonly parameter: GhostStringParameter;
constructor(scope: Construct, id: string) {
super(scope, id);
this.parameter = new GhostStringParameter(this, {
parameterName: '/parameters/SAMPLE_PARAMETER'
});
}
grantReadParameter(grantee: iam.IGrantable): iam.Grant {
return this.parameter.grantRead(grantee);
}
}
You can find the API documentation in api-docs/markdown
.
The CDK provides aws-cdk-lib.aws_ssm.StringParameter (StringParameter)
that represents a parameter in Parameter Store on AWS Systems Manager.
With StringParameter
, you can control access to the parameter via the API like grantRead
.
However, to use StringParameter
, you have to
- provision the parameter in the CDK stack
- or bind it to an existing parameter
Unfortunately, you cannot use StringParameter
if you want to create the parameter in the futer after the CDK stack is deployed.
If you want to control access to a parameter that does not exist at deployment without provisioning it, this library could help you.
npm ci
npm run build
npm run build:doc