Documentation
Add-ons

AWS Parameter Store

Sync your secrets to AWS Parameter Store when an environment variable is changed.

Step 1

Navigate to the add-ons page. Click AWS Parameter Store. Then click Connect AWS Secrets.

Step 2

On the next page, generate your AWS IAM User and paste in the credentials.

Important: The AWS IAM user must have correct permissions. Below is an example. Modify for your security needs.

example iam user policy

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "ssm:PutParameter",
                "ssm:DeleteParameter",
                "ssm:GetParameterHistory",
                "ssm:GetParametersByPath",
                "ssm:GetParameters",
                "ssm:GetParameter",
                "ssm:DeleteParameters",
                "ssm:DescribeParameters"
            ],
            "Resource": "*"
        }
    ]
}

Step 3

Lastly, set up the AWS Parameter Store config path and region.

If successful, you'll have a keys and values in AWS Parameter Store that looks like the following:

That's it! Your secrets are now synced to AWS Parameter Store and will continue to stay in sync when you modify your secrets.

Thank you for using Dotenv with AWS Parameter Store.