ssm secret password automation in aws


please can you advice how can we automatic Secret,password store in parameter store to make process fully automatic and use cli to retrieve

asked 2 years ago978 views
2 Answers

Thank you for answering to that .

The question is how can we automat the process

answered 2 years ago
  • could you elaborate more details about the process you mentioned?



If you need to automate the rotation of credentials, then AWS Secrets Manager would be a better fit as it has this feature included. For examples, see the following two blog posts:

Rotate Amazon RDS database credentials automatically with AWS Secrets Manager How to use AWS Secrets Manager to rotate credentials for all Amazon RDS database types, including Oracle

You can then integrate Secrets Manager with Parameter Store so that you can retrieve Secrets Manager secrets when using other AWS services that already support references to Parameter Store parameters.

You can use the AWS Command Line Interface (AWS CLI), AWS Tools for Windows PowerShell, and the SDKs to retrieve a secret by using Parameter Store. Example CLI command:

aws ssm get-parameter \
    --name /aws/reference/secretsmanager/s1-secret:11111-aaa-bbb-ccc-123456789 \

For more information, see Referencing AWS Secrets Manager secrets from Parameter Store parameters .

Systems Manager Parameter Store does not include automatic rotation and would need to be customized. Although Advanced Parameters in Parameter Store do allow you to specify an expiration and expiration notification policy, for more information see Assigning parameter policies.

answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions