Skip to content

SSM Parameter Store for Terraform Outputs

Overview

This Terraform module is designed to store Terraform outputs in AWS Systems Manager (SSM) Parameter Store and provide functionality to look up parameters for cross stack reference. It helps store and retrieve parameters across different terraform stacks and environments.

Features

  • Store parameters in SSM Parameter Store with customizable hierarchies.
  • Retrieve parameters from SSM Parameter Store based on specified paths.
  • Retrieve list of stack names and parameters.
  • Filter stacks with prefixes.
  • Support for securely storing sensitive parameters.
  • Dynamically identify and retrieve the latest stack parameters.

Example

Store parameters in SSM Parameter Store: 

module "ssm_parameters" {
  source           = "./path-to-your-module"

  base_prefix      = "infrastructure"
  stack_type       = "platform"
  stack_name       = "stack-123"

  parameters = {
    cluster_endpoint = {
      type           = "String"
      insecure_value = "https://cluster-zxcv.local"
    }
    cluster_name = {
      insecure_value = "cluster-123"
    }
  }

  tags = {
    Environment = "dev"
    Terraform   = "true"
  }
}

Retrieve parameters from SSM Parameter Store: 

module "ssm_lookup" {
  source           = "./path-to-your-module"

  base_prefix       = "infrastructure"
  stack_type        = "platform"
  stack_name_prefix = "stack-"

  lookup = [
    "cluster_endpoint",
    "cluster_name"
  ]

  tags = {
    Environment = "dev"
    Terraform   = "true"
  }
}

Outputs: 

ssm_lookup = {
  "filtered_parameters" = {
    "/infrastructure/platform/stack-123/cluster_endpoint" = "cluster-zxcv"
    "/infrastructure/platform/stack-123/cluster_name" = "foo"
    "/infrastructure/platform/stack-234/cluster_endpoint" = "cluster-asjf"
    "/infrastructure/platform/stack-234/cluster_name" = "bar"
  }
  "latest_stack_parameters" = {
    "/infrastructure/platform/stack-234/cluster_endpoint" = "https://cluster-asjf.local"
    "/infrastructure/platform/stack-234/cluster_name" = "bar"
  }
  "lookup" = {
    "stack-123" = {
      "cluster_endpoint" = "https://cluster-zxcv.local"
      "cluster_name" = "foo"
    }
    "stack-234" = {
      "cluster_endpoint" = "https://cluster-asjf.local"
      "cluster_name" = "bar"
    }
  }
  # All parameters stored in SSM
  "parameters" = tomap({
    "/infrastructure/platform/stack-123/cluster_endpoint" = "https://cluster-zxcv.local"
    "/infrastructure/platform/stack-123/cluster_name" = "foo"
    "/infrastructure/platform/stack-234/cluster_endpoint" = "https://cluster-asjf.local"
    "/infrastructure/platform/stack-234/cluster_name" = "bar"
  })
  "stacks" = tolist([
    "stack-123",
    "stack-234",
  ])
}

Implementation Details

Storing Parameters

Parameters are stored in SSM Parameter Store using the aws_ssm_parameter resource. The parameter name is constructed using the base_prefix, stack_type, and stack_name, forming a hierarchy.

Retrieving Parameters

The module uses the aws_ssm_parameters_by_path data source to retrieve parameters from SSM Parameter Store based on the specified path. The retrieved parameters are processed to:

  • Filter parameters by stack name prefix.
  • Extract unique stack names.
  • Create a lookup map for stack-specific parameters.
  • Identify and retrieve the latest stack parameters.

Filtering and Lookup

The filtered_parameters local variable is used to filter parameters based on the stack name prefix. The lookup local variable creates a nested map of stack-specific parameters based on the provided lookup list. The latest_stack_parameters local variable identifies and retrieves parameters for the last created stack since we use timestamps in the stack names suffix.

Requirements

Name Version
terraform >= 1.3.2
aws ~> 5.42

Providers

Name Version
aws ~> 5.42

Modules

No modules.

Resources

Name Type
aws_ssm_parameter.cluster_name resource
aws_ssm_parameters_by_path.this data source

Inputs

Name Description Type Default Required
base_prefix Base SSM namespace prefix for the parameters string "infrastructure" no
create Create the SSM parameters bool true no
lookup List of parameters to Lookup list(any) [] no
parameters Map of SSM parameters to create 
map(object({
    name           = optional(string)
    type           = optional(string, "String")
    value          = optional(string)
    insecure_value = optional(string)
  }))
 {} no
stack_name The name of the stack string null no
stack_name_prefix Filter all stacks that include this prefix in the name. string "" no
stack_type The type of terraform stack to be used in the namespace prefix. platform, network, account, shared string "" no
tags Default tags to apply to all resources map(string) {} no

Outputs

Name Description
filtered_parameters List of parameters filtered by stack name prefix
latest_stack_parameters Latest created stack parameters
lookup Map of parameters from filtered parameters containing only keys defined in lookup
parameters All parameters defined in SSM
stacks List of stacks defined in SSM ordered by creation date (latest first)

Contributions

Contributions to enhance the functionality and flexibility of this module are welcome. Please submit a pull request or open an issue to discuss any changes.

License

This project is licensed under the MIT License. See the LICENSE file for details.