AWS CodePipeline
User Guide (API Version 2015-07-09)

A new console design is available for this service. Although the procedures in this guide were written for the older version of the console, you will find many of the concepts and basic procedures in this guide still apply.

Use Parameter Store to Track Database Passwords or Third Party API Keys

You can use Parameter Store to track and update configuration secrets such as database passwords. This procedure describes using Parameter Store to manually create a secret parameter. You can also create automated scripts to use Parameter Store to securely set and manage your passwords and keys automatically. See an example of build spec automation for AWS CodeDeploy at this blog post.

Manually create a parameter in Parameter Store

  1. Sign in to your AWS account and go to the Amazon EC2 console.

  2. Under the Systems Manager Shared Resources section, click Parameter Store.

  3. Click Get Started Now or Create Parameter and enter the following information:

    1. Type a name for your parameter in the Name field.

    2. Under Type, choose Secure String. This encrypts sensitive data using your default AWS KMS key.

    3. Paste the parameter into the Value field.

  4. Click Create Parameter, and it will bring you to the Parameter Store console where you can see your newly created parameter.