Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

aws_ssm: valueForSecureStringParameter is deprecated and the alternative isn't clearly documented #22593

Closed
trondhindenes opened this issue Oct 20, 2022 · 5 comments · Fixed by #25581
Closed

aws_ssm: valueForSecureStringParameter is deprecated and the alternative isn't clearly documented #22593

trondhindenes opened this issue Oct 20, 2022 · 5 comments · Fixed by #25581
Labels
@aws-cdk/aws-ssm Related to AWS Systems Manager documentation This is a problem with documentation. effort/small Small work item – less than a day of effort feature-request A feature should be added or improved. good first issue Related to contributions. See CONTRIBUTING.md p1

Comments

@trondhindenes
Copy link

Describe the issue

From here:
https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ssm.StringParameter.html#static-valuewbrforwbrsecurewbrstringwbrparameterscope-parametername-versionspan-classapi-icon-api-icon-deprecated-titlethis-api-element-is-deprecated-its-use-is-not-recommended%EF%B8%8Fspan

This text, for valueForSecureStringParameter:

Deprecated: Use SecretValue.ssmSecure() instead, it will correctly type the imported value as a SecretValue and allow importing without version.

There's no mention of what SecretValue.ssmSecure() is, which module it belongs to or how to use it. The documentation should point properly point to a non-deprecated alternative.

Links

https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_ssm.StringParameter.html#static-valuewbrforwbrsecurewbrstringwbrparameterscope-parametername-versionspan-classapi-icon-api-icon-deprecated-titlethis-api-element-is-deprecated-its-use-is-not-recommended%EF%B8%8Fspan
@trondhindenes trondhindenes added documentation This is a problem with documentation. needs-triage This issue or PR still needs to be triaged. labels Oct 20, 2022
@github-actions github-actions bot added the @aws-cdk/aws-ssm Related to AWS Systems Manager label Oct 20, 2022
@indrora indrora added p1 effort/small Small work item – less than a day of effort and removed needs-triage This issue or PR still needs to be triaged. labels Nov 16, 2022
@otaviomacedo otaviomacedo removed their assignment Nov 18, 2022
@MG-hynesnd
Copy link

Hi, noting that this is still an issue and that use of SecretValue.ssmSecure() as a replacement for valueForSecureStringParameter is still not clearly documented.

The cdk documentation page on getting SSM values, here doesn't mention that valueForSecureStringParameter is deprecated. So this doesn't become clear until attempting to use it and finding it marked deprecated.

I'm struggling to find any documentation of how to properly use SecretValue:

  • The API reference page for valueForSecureStringParameter does not link to the recommended CDK v2 replacement SecretValue.ssmSecure().
  • Googling SecretValue.ssmSecure() leads to a CDK v1 API reference page.
  • This page contains a link to the CDK v2 version of SecretValue. But this page is a bit light on context for how to properly adopt and use it.
  • No usage example for fetching a secure SSM parameter.

@damolaobaleke
Copy link

Same, still not properly documented. Struggling to find any documentation on SecretValue and what module its coming from

@damolaobaleke
Copy link

Actually I've figured it out so its in the @aws-cdk/core module. @trondhindenes @MG-hynesnd

Usage:

const awscdkCore = require('@aws-cdk/core');
const secret = awscdkCore.SecretValue.ssmSecure('SECRET_VALUE', 'version')

You can check out this link for the class and its methods within it.
https://docs.aws.amazon.com/cdk/api/v1/docs/@aws-cdk_core.SecretValue.html#static-ssmwbrsecureparametername-version

@peterwoodworth peterwoodworth added feature-request A feature should be added or improved. good first issue Related to contributions. See CONTRIBUTING.md labels May 2, 2023
@Zishanwang1992
Copy link
Contributor

I would like to work on this issue as my first issue.

It looks like we can add a link to reference the recommended CDK v2 replacement SecretValue.ssmSecure(). Here is the link that I found.

Let me know if there is any concern or suggestion!

Zishanwang1992 added a commit to Zishanwang1992/aws-cdk that referenced this issue May 14, 2023
@Zishanwang1992
docs(ssm): Add link to help explain SecretValue.ssmSecure() suggested a…
7d06492 
…ws#22593.
@Zishanwang1992 Zishanwang1992 mentioned this issue May 15, 2023
Merged
@mergify mergify bot closed this as completed in #25581 May 17, 2023
mergify bot pushed a commit that referenced this issue May 17, 2023
@Zishanwang1992
docs(ssm): explain that SecretValue.ssmSecure() lives in core now (#2…
f48515f 
…5581)

Closes #22593.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
@github-actions
Copy link

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
@aws-cdk/aws-ssm Related to AWS Systems Manager documentation This is a problem with documentation. effort/small Small work item – less than a day of effort feature-request A feature should be added or improved. good first issue Related to contributions. See CONTRIBUTING.md p1
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

docs(ssm): explain that SecretValue.ssmSecure() lives in core now Zishanwang1992/aws-cdk
7 participants
@otaviomacedo @indrora @trondhindenes @Zishanwang1992 @peterwoodworth @damolaobaleke @MG-hynesnd