typescript icon indicating copy to clipboard operation
typescript copied to clipboard

Published 20 hours ago verified publisher icon serverless

Support for SSM (AWS's system manager)

Open appletreeat56 opened this issue 2 years ago • 8 comments

Hi, I have been trying to access ssm on serverless.ts file but I keep getting this error -

Serverless Warning --------------------------------------
A valid SSM parameter to satisfy the declaration 'ssm:/oath/to/ssm' could not be found.

It use to work fine on serverless.yml. I have looked at the definition file and I could not see any reference to ssm either, so I am assuming that it is not supported. If so, can you please confirm?

p.s: I can confirm that this ssm entry does exist on AWS and I can access it via AWS CLI.

appletreeat56 avatar Jan 23 '22 11:01 appletreeat56

Hi @appletreeat56 and thanks for submitting your issue. Could you please share your serverless.ts service file content here ?

This repository translates Serverless framework internal validation constraints in Typescript definition. Anything supported by the framework is reflected here.

fredericbarthelet avatar Jan 23 '22 22:01 fredericbarthelet

Hi Frédéric, Thanks for getting back on this issue. Below is the serverless.ts and ssm call is in the environment field


import type { AWS } from '@serverless/typescript';

const serverlessConfiguration: AWS = {
  service: 'jsontoxlsx',
  frameworkVersion: '2',
  custom: {
    webpack: {
      webpackConfig: './webpack.config.js',
      includeModules: true
    },
  },
  // Add the serverless-webpack plugin
  plugins: ['serverless-webpack', 'serverless-offline'],
  provider: {
    name: 'aws',
    runtime: 'nodejs14.x',
    apiGateway: {
      minimumCompressionSize: 1024,
    },
    environment: {
      AWS_NODEJS_CONNECTION_REUSE_ENABLED: '1',
      AWS_BUCKET_NAME: '${ssm:/jsontoxlsx/api/BUCKET_NAME}'
    },
  },
  functions: {
    jsontoxlsx: {
      handler: 'handler.jsontoxlsx',
      events: [
        {
          http: {
            method: 'get',
            path: 'jsontoxlsx',
          }
        }
      ]
    }
  }
}

module.exports = serverlessConfiguration;

I am using this version of serverless in my package.json - "@serverless/typescript": "^2.12.0"

And this is my serveless version installed globally -

Framework Core: 2.14.0
Plugin: 4.1.2
SDK: 2.3.2
Components: 3.4.2

appletreeat56 avatar Jan 24 '22 09:01 appletreeat56

Hi everyone. There is any example to use SSM in serverless.ts? Thanks!

pascencio avatar May 23 '22 13:05 pascencio

Hi Frédéric, Thanks for getting back on this issue. Below is the serverless.ts and ssm call is in the environment field


import type { AWS } from '@serverless/typescript';

const serverlessConfiguration: AWS = {
  service: 'jsontoxlsx',
  frameworkVersion: '2',
  custom: {
    webpack: {
      webpackConfig: './webpack.config.js',
      includeModules: true
    },
  },
  // Add the serverless-webpack plugin
  plugins: ['serverless-webpack', 'serverless-offline'],
  provider: {
    name: 'aws',
    runtime: 'nodejs14.x',
    apiGateway: {
      minimumCompressionSize: 1024,
    },
    environment: {
      AWS_NODEJS_CONNECTION_REUSE_ENABLED: '1',
      AWS_BUCKET_NAME: '${ssm:/jsontoxlsx/api/BUCKET_NAME}'
    },
  },
  functions: {
    jsontoxlsx: {
      handler: 'handler.jsontoxlsx',
      events: [
        {
          http: {
            method: 'get',
            path: 'jsontoxlsx',
          }
        }
      ]
    }
  }
}

module.exports = serverlessConfiguration;

I am using this version of serverless in my package.json - "@serverless/typescript": "^2.12.0"

And this is my serveless version installed globally -

Framework Core: 2.14.0
Plugin: 4.1.2
SDK: 2.3.2
Components: 3.4.2

I have the same problem... There is some work around?

pascencio avatar Jun 17 '22 18:06 pascencio

It's a shame that this is not documented. Only an example with serverless.yml is given and there is no mention of it doing "magic" in the background to produce IAM roles to allow SSM to be read from AWS.

gruckion avatar Sep 13 '22 12:09 gruckion

I find it ridiculous that serverless.ts is being promoted as an official way for typescript app, but there is no documentation whatsoever.

AutomationD avatar Sep 22 '22 16:09 AutomationD

So turns out this works fine, my issue was a spelling mistake.

    environment: {
      AWS_NODEJS_CONNECTION_REUSE_ENABLED: "1",
      // TODO (Stephen): need to correct which stage the secret lives hard coding to live for now ${ssm:/${opt:stage, 'live'}
      APP_DB_INSTANCE_SECRET_ARN:
        "${ssm:/live/secrets/rds/app-db-instance-secret-arn}",
    },

And my secret does exist with that name. Works fine no issues. Please could you show that you actually have the parameter store value setup. Also check the parameter and the region your serverless is deployed to is the same.

gruckion avatar Oct 07 '22 13:10 gruckion

Above worked else for me even locally

    environment: {
      AWS_NODEJS_CONNECTION_REUSE_ENABLED: "1",
      // TODO (Stephen): need to correct which stage the secret lives hard coding to live for now ${ssm:/${opt:stage, 'live'}
      APP_DB_INSTANCE_SECRET_ARN:
        "${ssm:/live/secrets/rds/app-db-instance-secret-arn}",
    },

Physicliar avatar Feb 12 '23 07:02 Physicliar