Skip to content

🏪 deserialize AWS Parameter Store values into type safe structs

License

Notifications You must be signed in to change notification settings

softprops/envy-store

Repository files navigation

envy store Build Status Coverage Status Software License crates.io Released API docs Master API docs

🏪 deserialize AWS Parameter Store values into typesafe structs

📦 Install

[dependencies]
envy-store = "0."

🤸 Usage

Envy store assumes you are using the AWS best practice of storing related parameters under a prefixed hierarchy. This leads to better clarity on what application a set of parameters belong to as well as enables the paths based query API which has performance benefits and is the recommended best practice by AWS.

Envy store also assumes the use of the AWS default credential chain for authenticating requests with AWS. Don't worry, if you've used any AWS tooling in the past, you likely already have this configured. You will also need to ensure these credentials have the ssm:GetParametersByPath IAM permission.

See the demo example for an example application and documentation for more information

👭 Consider this crate a cousin of envy, a crate for deserializing environment variables into typesafe structs.

🤔 Why AWS Parameter Store

Environment variables are a perfectly good and probably best solution for storing application configuration as they are more or less universally supported across runtimes and languages.

As an application grows additional factors need may come into consideration.

  1. Security. Environment variables alone are a poor transport for secret information as they can easily be leaked in their plain text format. AWS Parameter Store has built-in support for storing values in encrypted format preventing unwanted access from prying eyes.

  2. Management. The strategy for configuring environment variables for your application will likely vary and become less managable over time. The source of truth for their values may require some centralization in order to manage. Systems exist for helping you manage these. AWS Parameter Store is a self managed system as a service removing the need for you to operate one of these systems yourself.

  3. Access control. Related to encryption security, you may also want to limit who can access configuration. Identity access management is built into AWS Parameter Store so you don't have to implement this yourself.

💡 Note that as AWS Parameter Store is a hosted service, it comes with limits to ensure quality of service for its users. You can review a list of these limits here

Doug Tangren (softprops) 2018