AWS Systems Manager Parameter Store - charges for decryption

Question

I use `aws-sdk` gem for my rails project to retrieve data from  Parameter Store.

Aws documentation says that `There is no charge from Parameter Store to create a SecureString parameter, but charges for use of AWS KMS encryption do apply` -  which I understand

To retrieve any parameters(string or secure string) I use the following code
```
Aws::SSM::Client.new(
      region: region
  ).get_parameter(
      name: parameter_id,
      with_decryption: true
  ).to_h
```

As you can see I pass `with_decryption: true` to get the parameter, regardless it is a secure string or not.

My doubt is does it charge me if I use `with_decryption: true` while retrieving string parameter?

Should I omit  `with_decryption: true` when I retrieve a string parameter so that the AWS system manager does not use unnecessary decryption?

Or does the AWS system manager just skip `with_decryption: true` if the parameter is not a secure string?

Accepted Answer

As always in AWS you are paying for API calls, not parameters. So here you will only pay for usage of KMS service.

[Here](https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ssm.html#SSM.Client.get_parameter) you can find that for String and StringList this parameter is simply ignored.

So you can have it for all calls and the cost will not be affected :)

AWS Systems Manager Parameter Store - charges for decryption

関連するコンテンツ