Ssm client

This page contains examples with the Ssm client. See the client introduction for a more detailed description how to use a client. You may also want to consider the authentication documentation to understand the many ways you can authenticate with AWS.

The Ssm package could be installed with Composer.

composer require async-aws/ssm

A new client object may be instantiated by:

use AsyncAws\Ssm\SsmClient;

$ssm = new SsmClient();

The authentication parameters is read from the environment by default. You can also specify a AWS access id and secret:

use AsyncAws\Ssm\SsmClient;

$ssm = new SsmClient([
    'accessKeyId' => 'my_access_key',
    'accessKeySecret' => 'my_access_secret',
    'region' => 'eu-central-1',
]);

For all available options, see the configuration reference.

Usage¶

List parameters¶

use AsyncAws\Ssm\Input\GetParametersByPathRequest;
use AsyncAws\Ssm\SsmClient;

$ssm = new SsmClient();

$parameters = $ssm->getParametersByPath(new GetParametersByPathRequest([
    'Path' => '/projects/website',
    'Recursive' => true,
    'WithDecryption' => true,
]));

$secrets = [];
foreach ($parameters as $parameter) {
    $secrets[$parameter->getName()] = $parameter->getValue();
}

Store an encrypted parameter¶

use AsyncAws\Ssm\Enum\ParameterType;
use AsyncAws\Ssm\Input\PutParameterRequest;
use AsyncAws\Ssm\SsmClient;

$ssm = new SsmClient();
$parameters = $ssm->putParameter(new PutParameterRequest([
    'Name' => '/projects/website/database_password',
    'Value' => strtr(base64_encode(random_bytes(24)), '+/', '-_'),
    'Type' => ParameterType::SECURE_STRING,
    // 'KeyId' => $customKmsKeyId,
]));

The source code to this page is found on GitHub.