SSM Parameter Store Flashcards
1
Q
What is SSM Parameter Store?
A
It is a serverless, scalable, and durable service that offers secure storage for configuration and secrets and optional Seamless Encryption using KMS
2
Q
What are the main features offered by SSM Parameter Store?
A
- Version tracking of configurations / secrets
- Configuration management using path & IAM
- Notifications with CloudWatch Events
- Integration with CloudFormation
3
Q
How does work SSM Parameter Store hierarchy?
A
/my-department/ my-app/ dev/ db-url db-password prod/ db-url db-password other-app/ /other-department/ /aws/reference/secretsmanager/secret_ID_in_Secrets_Manager /aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-g
4
Q
What are the main differences between SSM Parameter Store standard and advanced parameter tiers?
A
Standard is free. Advanced can use Parameter policies and allows more parameters and bigger parameters as well.
5
Q
What are SSM Parameter Store policies?
A
- Allow to assign a TTL to a parameter (expiration date) to force updating or deleting sensitive data such as passwords
- Can assign multiple policies at a time
6
Q
Set 3 SSM Parameter Store policies examples?
A
- Delete my parameter on a date
- Notify me N days before my parameter expires
- Notify me if my parameter has not changed after N days
