I know in Cloudformation you can create Parameters using SSM, but I really want to know if you can use SSM in environment variables for a lambda. I know I can put the SSM paths and use the sdk in the code to get those values, but maybe there is a way to make that automatically without fetching values from code.
Thanks
You can directly fetch the values within CloudFormation from parameter store and pass it as an environment variable to the lambda using dynamic reference.
For example:
ServerlessTestLambda:
Type: AWS::Serverless::Function
Properties:
CodeUri: src
Handler: test-env-var.handler
Role: !GetAtt BasicLambdaRole.Arn
Environment:
Variables:
ParamStoreVar: "{{resolve:ssm:/test/ssmparam:3}}"
Events:
LambdaSchedule:
Type: Schedule
Properties:
Schedule: rate(3 minutes)
This is the lambda I created to test, and as you can see the value of the key would be replaced for the environment variable ParamStoreVar
Note - You cannot replace ssm securestring in the environment variable for obvious security reasons.
For more information: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html