I really love AWS Parameter Store. It’s a services where you can save encrypted data such as keys and password. These encrypted values can be queried and downloaded into an EC2-instance and used. This could be things such as RDS DB passwords, private SSH keys etc. I actually used it for a private SSH key. I needed the server to run a ‘git pull’ at specific times in the day, and there was no webhook available, so I did it like that.

Yesterday I did a small task updating our Saltmaster configuration using Github webhooks, API Gateway, AWS Lambda and AWS SSM. When someone pushed to the Git repo master branch, a webhook sends the information to API Gateway which triggers an AWS Lambda function. The function sends an AWS SSM Run Command to the Saltmaster which then runs a bash script updating from Github. Boom… and the Saltmaster is updated and restarted.

A couple of months ago Amazon Web Services came with a new service called AWS SSO. It is used for Single Sign-On for products such as the AWS Console, Github, Salesforce etc. I did a bit of tinkering with it, because I wanted to do CLI authentication with AWS SSO and obtain an STS token that way. It was not possible :( AWS however came up with a new feature where you could see your keys and such, copy/paste them into your terminal and then do stuff on AWS.