I need to write a lambda function which makes an API call (to Airflow) using credentials stored in AWS SSM parameter store. I have been supplied with the key id for the credentials.
How can I securely query the credentials and integrate them (again securely) into the API call?
Is this on the right track:
Import boto3
key_supplied = 'the key I was supplied with'
client = boto3.client('ssm')
def lambda_handler(event, context):
parameter =
client.get_parameter(Name='key_supplied', WithDecryption=True)
print(parameter)
return parameter ['Parameter']['Value']
I usually have a simple function in such lambda functions:
def get_ssm_param(param: str) -> str:
session = boto3.session.Session()
ssm = session.client("ssm")
return ssm.get_parameter(param, WithDecryption=True)['Parameter']['Value']
Then it can be used as
def lambda_handler(event, context):
secure_param = get_ssm_param("secure_param_key")
...