Create a Systems Manager parameter (console)
You can use the AWS Systems Manager console to create and run String
, StringList
and
SecureString
parameter types.
Parameters are only available in the AWS Region where they were created.
Create a parameter (console)
The following procedure walks you through the process of creating a
parameter in the Parameter Store console. You can create String
, StringList
, and
SecureString
parameter types in the console.
To create a parameter
-
Open the AWS Systems Manager console at https://console.aws.amazon.com/systems-manager/
. -
In the navigation pane, choose Parameter Store.
-or-
If the AWS Systems Manager home page opens first, choose the menu icon (
) to open the navigation pane, and then choose Parameter Store.
-
Choose Create parameter.
-
In the Name box, enter a hierarchy and a name. For example, enter
/Test/helloWorld
.For more information about parameter hierarchies, see Working with parameter hierarchies.
-
In the Description box, type a description that identifies this parameter as a test parameter.
-
For Parameter tier choose either Standard or Advanced. For more information about advanced parameters, see Managing parameter tiers.
-
For Type, choose String, StringList, or SecureString.
-
If you choose String, the Data type field appears. If you are creating a parameter to hold the resource ID for an Amazon Machine Image (AMI), select
aws:ec2:image
. Otherwise, leave the defaulttext
selected. -
If you choose SecureString, the KMS Key ID field appears. If you don't provide a KMS customer master key (CMK) ID, a CMK ARN, an alias name, or an alias ARN, then the system uses
alias/aws/ssm
, which is the AWS managed CMK for Systems Manager. If you don't want to use this key, then you can use a customer managed CMK. For more information about AWS managed and customer managed CMKs, see AWS Key Management Service Concepts in the AWS Key Management Service Developer Guide. For more information about Parameter Store and KMS encryption, see How AWS Systems Manager Parameter Store Uses AWS KMS. -
When creating a
SecureString
parameter in the console by using thekey-id
parameter with either a customer managed CMK alias name or an alias ARN, you must specify the prefixalias/
before the alias. Here is an ARN example:arn:aws:kms:us-east-2:123456789012:alias/
MyAliasName
Here is an alias name example:
alias/
MyAliasName
-
-
In the Value box, type a value. For example, type
This is my first parameter
orami-0dbf5ea29aEXAMPLE
.Note Parameters can't be referenced or nested in the values of other parameters. You can't include
{{}}
or{{ssm:
in a parameter value.parameter-name
}}If you chose SecureString, the value of the parameter is masked by default ("******") when you view it later on the parameter Overview tab. Choose Show to display the parameter value.
-
(Optional) In the Tags area, apply one or more tag key-value pairs to the parameter.
Tags are optional metadata that you assign to a resource. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a Systems Manager parameter to identify the type of resource to which it applies, the environment, or the type of configuration data referenced by the parameter. In this case, you could specify the following key-value pairs:
-
Key=Resource,Value=S3bucket
-
Key=OS,Value=Windows
-
Key=ParameterType,Value=LicenseKey
-
-
Choose Create parameter.
-
In the parameters list, choose the name of the parameter you just created. Verify the details on the Overview tab. If you created a
SecureString
parameter, choose Show to view the unencrypted value.
You can’t change an advanced parameter to a standard parameter. If you no longer need an advanced parameter, or if you no longer want to incur charges for an advanced parameter, you must delete it and recreate it as a new standard parameter.