Serverless — AWS Parameter Store with Python

Dorian Machado
Jan 3 · 5 min read

Implementing AWS Parameter Store will bring a cleaner code to our Lambda functions, but the tears start to come out when we are handling with hundred of parameters stored hierarchically.

Photo by Markus Spiske on Unsplash

In this article you will learn how to handle and (of course) win the battle 💪against multiple variables stored in AWS Parameter Store in your Python 🐍 Lambda functions using a magical/superCharged Class which will be shared between the functions with the AWS Lambda Layers, in other words we will create an enhanced 🏋 version of my previous post related with AWS Parameter Store.

To know more about AWS Lambda Layers you can check my previous article.


The Problem

Having the parameters stored in AWS Parameter Store we can easily retrieve then using the AWS SDK for python (boto3) as shown.

import boto3
ssm = boto3.client('ssm')
myParameter = ssm.get_parameter(Name='/Prod/api/Token', WithDecryption=True)
print(myParameter['Parameter']['Value'])

Our Parameter is stored as “/Prod/api/Token” in AWS Parameter Store with the value “tokenValue123456”

And if we execute the above code from our terminal (after export the AWS Key variables) we should obtain something like this

But imagine we have 5 or 10 variables for a Lambda, we will have to perform the Boto3 command ssm.get_parameter as many times as needed 😱 😱 😱

The Solution

Don’t worry as in my previous Medium articles we know how to figure it out and win the battle one more time.

What do you say if we can access the parameters as a Python dictionary? The answer is an absolute 🎉 YES 🎉 all this thanks to a very powerful Python class developed my Mr Bao Nguyen , so as the parameters are organized as in a hierarchy manner “/Prod/api/Token” we should be able to query it as store[‘Prod’][‘api’][‘Token’] dd

To know more about the usage of the Python Class you can check the following Mr Bao Post


Testing the magical Python Class

Let’s test the class before deploy our Lambdas and layers 🤓

The Python class ssm_parameter_store.py could be found here and our test purpose directory should look like this one:

test
├── ssm_parameter_store.py
└── testPS.py

The testPS.py will look like this:

import os
from ssm_parameter_store import SSMParameterStore
store = SSMParameterStore(prefix="/"+os.environ['APP_ENV'])my_token = store['api']['Token']print(my_token)

Executing the code above the results should looks like the following.

Where in orange we export the variable APP_ENV with the value “Prod” which is passed as “prefix” parameter to SSMParameterStore and in purple we retrieved the value of the parameter 🙌 🙌 🙌

All right everything worked well 🎉

Let’s bring all this knowledge to AWS 🤓


Going Serverless

In this section of the post we will bring our code to serverless in AWS so let’s get down to code 💻

Remember that all the source code we use in this article will be available in github.

Create the serverless projects as usual in this case we will create one project for our code and another one to handle the ssm_parameter_store.py common library as a Lambda Layer.

Project for our Lambda Layer

sls create --template aws-python3 --name common-layer --path common-layer

and the project for our sample application.

sls create --template aws-python3 --name the-app --path the-app


The Layer side

Get into the common-layer project and let the magic ✨ begins

cd common-layer
rm handler.py
mkdir -p layers/common/python/lib/python3.7/site-packages
wget -q https://gist.githubusercontent.com/nqbao/9a9c22298a76584249501b74410b8475/raw/7d1410028d4243759dd7578e8460d17178180291/ssm_parameter_store.py -O layers/common/python/lib/python3.7/site-packages/ssm_parameter_store.py

The structure should looks like this one

common-layer
├── layers
│ └── common
│ └── python
│ └── lib
│ └── python3.7
│ └── site-packages
│ └── ssm_parameter_store.py
└── serverless.yml

Where the serverless.yml will contain

service: common-layerprovider:
name: aws
runtime: python3.7
layers:
python-app-dependencies:
path: layers/common
compatibleRuntimes:
- python3.7
description: "Common dependencies for python lamnda functions"

Time to deploy 🚀

sls deploy

The output will be similar to this


The sample app side

Get into the the-app project and let the magic ✨ begins

cd the-app
mkdir src
mv handler.py src

The structure will looks like this one:

the-app
├── serverless.yml
└── src
└── handler.py

Where the file serverless.yml must be similar to

service: the-appprovider:
name: aws
runtime: python3.7
environment:
APP_ENV: ${opt:stage, self:provider.stage}
iamRoleStatements:
- Effect: Allow
Action:
- ssm:GetParameters
- ssm:GetParameter
Resource: "arn:aws:ssm:*:*:parameter/${opt:stage, self:provider.stage}/*"
- Effect: Allow
Action:
- ssm:DescribeParameters
Resource: "*"
functions:
hello:
handler: src/handler.hello
layers:
- "${cf:common-layer-dev.PythonDashcommonDashdependenciesLambdaLayerQualifiedArn}"

and the handler.py will be like this one

import os
import json
from ssm_parameter_store import SSMParameterStore
def hello(event, context):
store = SSMParameterStore(prefix="/"+os.environ['APP_ENV'])
my_token = store['api']['Token']
body = {
"message": "The value of the variable is",
"value": my_token
}
response = {
"statusCode": 200,
"body": json.dumps(body)
}
return response

Time to deploy 🚀

sls deploy --stage Prod

and test our function ⚡️

sls invoke -f hello --stage Prod

Amazing !!! 🎉 We did it again 🤓

Conclusions

Again we are getting better and better 🤓 and our laboratories are becoming more complex and more interesting ⚡️

As you could see we can use the AWS Lambda Layers not only for handle Python dependencies, we can use it to share and handle our own common libraries, in this case we shared a util library to access AWS Parameter store, get the variables and values to be used as a Python Dictionary for higher comfort.

Dorian Machado

Written by

Serveless Evangelist / Entrepreneur

More From Medium

Also tagged Lambda

Also tagged Lambda

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade