aws_ssm

Description:

aws ssm

AWS Systems Manager Parameter Store #
AWS Systems Manager Parameter Store provides secure, hierarchical storage for configuration data management and secrets management. It can store data such as passwords, database strings, Amazon Machine Image (AMI) IDs and license codes as parameter values.




Prerequisites #
User Pool
Tutorial: Creating a user pool

Store "User Pool ID" value (User pool overview)
There must be at least one client application in the "Application Integration" tab "Application Client List -> Create Application Client".
Store the value "Client ID" (App client information)

Create Federated identities
Tutorial: Creating an identity pool

Assign "User pool ID" and "Client ID" to the fields in "Authentication providers -> Cognito"
Create a custom SSM Role: "Identity pool -> Edit identity pool -> Authenticated role"

{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ssm:GetParameters"
],
"Resource": "*"
}
]
}
copied to clipboard
Get cognito user JWT id token #
import 'package:amazon_cognito_identity_dart_2/cognito.dart';
...
final user = CognitoUser({{COGNITO_USER_NAME}}, CognitoUserPool(
userPoolId,
clientId,
));
CognitoUserSession? session = await user.authenticateUser(AuthenticationDetails(
username: {{COGNITO_USER_NAME}},
password: {{COGNITO_USER_PASSWORD}},
));
final idToken = session!.getIdToken().getJwtToken();
copied to clipboard
Get list of AWS Systems Manager Parameters #
import 'aws_ssm.dart';
...
try {
final names = ['db-url', 'my-username', 'my-password'];
final ssm = AwsSSM(region, userPoolId, identityPoolId);
final values = await ssm.getListParams(idToken, names);
print(values); //['db-url-value', 'my-username-value', 'my-password-value']
} catch (ex) {
print(ex);
}
copied to clipboard
Get map of AWS Systems Manager Parameters #
import 'aws_ssm.dart';
...
try {
final names = ['db-url', 'my-username', 'my-password'];
final ssm = AwsSSM(region, userPoolId, identityPoolId);
final values = await ssm.getListParams(idToken, names);
print(values); //{'db-url': 'db-url-value', 'my-username': 'my-username-value', 'my-password': 'my-password-value'}
} catch (ex) {
print(ex);
}
copied to clipboard
List of API's #
import 'aws_ssm.dart';
...
try {
final ssm = AwsSSM(region, userPoolId, identityPoolId);
final credentials = await ssm.getCognitoCredentialsForIdentity(idToken);
final payload = ssm.createPayload(names, true);
final datetime = await ssm.getServerDateTime();
final headers = ssm.createAWS4Header(credentials, payload, datetime);
final params = await ssm.getParameters(headers, payload);
final values = ssm.toMap<String>(names, params);
print(values);
} catch (ex) {
print(ex);
}
copied to clipboard