Hi Sabir Mustafa, thanks for reading.

Thanks for the sharing, what-if we have different key from someone else or the KMS default keys are…

Sabir Mustafa

billydharmawan

Feb 8, 2020·1 min read

Hi Sabir Mustafa, thanks for reading. If you are using the default KMS key for encryption, then when you put the parameter to AWS SSM parameter store, your command would look like this:

$ ~/demo/kms-ssm-decrypt (venv) ❯ aws ssm put-parameter --name “/demo/secret/parameter” --value “thisIsASecret” --type SecureString --description “This is a secret parameter”

Notice that we don’t pass --key-id argument to the command.

The Python script would stay the same, because the SSM parameter has the information about which key that was used to encrypt it and so, when you call decryption on it, it knows which key to use.

Sabir Mustafa

billydharmawan

Feb 8, 2020·1 min read

billydharmawan

A passionate Software Engineer trying to leave a good legacy on earth

More from billydharmawan

A passionate Software Engineer trying to leave a good legacy on earth

More From Medium

AWS Java SDK V2

Integration Tests for Kafka Consumer

Consume Messages From Kafka Topics Using Python and Avro Consumer

3 Common Git Scenarios and How to Deal With Them

String in Kotlin

A Complete Guide to Python List

How I Automate My Church Organisation’s Zoom Meeting Attendance Reporting with Python

Beginner Guide to Exception and Exception Handling in Python

About
Help
Legal

About

Help

Legal

Get the Medium app