2

How to get all parameter name value pairs with a single call to AWS-Parameters-and-Secrets-Lambda-Extension (arn:aws:lambda:eu-west-1:015030872274:layer:AWS-Parameters-and-Secrets-Lambda-Extension:4)

i.e. Equivalent call to this AWS CLI to non Lambda Layer SSM Parameter Store:

aws ssm get-parameters-by-path --path "/service1/prod" --recursive

Instead of this piece of code (c# / .net6) where for each key a request/response is being made:

var stage = "prod";
var awsSessionToken = Environment.GetEnvironmentVariable("AWS_SESSION_TOKEN");
var request = new RestRequest(
        "http://localhost:2773/systemsmanager/parameters/get",
        Method.Get
    )
    .AddHeader("X-Aws-Parameters-Secrets-Token", awsSessionToken)
    .AddQueryParameter("withDecryption", true);
Log.Information("{@Request}", request);
var keys = new string[] {
    $"/service1/{stage}/key1",
    $"/service1/{stage}/key2",
    $"/service1/{stage}/key3",
    $"/service1/{stage}/key4",
    $"/service1/{stage}/key5",
    $"/service1/{stage}/key6",
    $"/service1/{stage}/key7",
    $"/service1/{stage}/key8",
    $"/service1/{stage}/key9",
    $"/service1/{stage}/key10",
    $"/service1/{stage}/key11",
};
foreach (var key in keys)
{
    var _request = request
        .AddOrUpdateParameter("name", key, ParameterType.QueryString);
    var _response =
        await restClient.ExecuteGetAsync<ParameterResponse>(_request);
    Parameters.Add(new Parameter(_response.Data.Parameter.Name,
            _response.Data.Parameter.Value
        )
    );
}

Please note that I can implement the flow in C#, I just can't find the specifics of the API more detailed than in here.

Improve this question

1 Answer 1

Reset to default
1

The AWS-Parameters-and-Secrets-Lambda-Extension layer does not have the capability to retrieve SSM parameters based on a path value. Instead, it expects a name parameter in the query string, so you can retrieve only one record at a time based on the SSM parameter name.

If you want to retrieve SSM parameters based on a path value, then you can use the following NuGet package, which enables you to retrieve multiple configuration values simultaneously from the SSM parameter store.

Amazon.Extensions.Configuration.SystemsManager

The mentioned Amazon Systems Manager NuGet package utilizes the .NET ConfigurationBuilder to process the configuration values from the SSM parameter store. In order to access the ConfigurationBuilder, you also need to include the following NuGet packages in your lambda function.

Microsoft.Extensions.Configuration
Microsoft.Extensions.Options.ConfigurationExtensions

Here is a sample code snippet that shows how to retrieve configuration values from the SSM parameter store based on the path value:

public class FunctionHandler
{
    private readonly AppConfig _appConfig;
    
    public FunctionHandler()
    {
        var configurations = new ConfigurationBuilder()
            .AddSystemsManager(cs =>
            {
                cs.Path = "/service1/prod";
                cs.ReloadAfter = TimeSpan.FromMinutes(10);
            })
            .Build();
        // Define AppConfig to match your SSM path hierarchy  
        var config = configurations.Get<AppConfig>();
    }

    public string Handle(string input, ILambdaContext context)
    {
        return JsonConvert.SerializeObject(_appConfig);
    }

p.s. To retrieve configuration values by the path in your Lambda function, you should grant the following IAM role permission: ssm:GetParametersByPath

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Amazon.Extensions.Configuration.SystemsManager would still try to fetch the params from the actual SSM not the layer though, right?
Yes, it will fetch configs directly from the SSM parameter store, not through the lambda layer/extension.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.