13

I want to write a Python 3.6 query in AWS Lambda to get details on an AWS SSM parameter store but I get a null response. If I query via AWS CLI I get the details on the parameter store item including the AMI ID which is my ultimate goal. The parameter store path is:

/aws/service/ami-windows-latest/Windows_Server-2019-English-Core-Base-2019.07.12

My code is below, any insight into why this is not returning the expected results would be greatly appreciated.

import json
import boto3

def lambda_handler(event, context):
    client = boto3.client('ssm')
    response=client.get_parameters(Names=['/aws/service/ami-windows-latest/Windows_Server-2019-English-Full-Base']),
    #return "Success"
    print (response)

I'm expecting the same output that I get when I run the following AWS CLI command.

aws ssm get-parameters --names /aws/service/ami-windows-latest/Windows_Server-2019-English-Full-Base --region us-east-1
pppery
  • 3,731
  • 22
  • 33
  • 46
TIM02144
  • 593
  • 1
  • 4
  • 17

3 Answers3

23

I figured this out with the help of a co-worker with more Python experience. The code is below.

import boto3

client = boto3.client('ssm')

def lambda_handler(event, context):
    parameter = client.get_parameter(Name='/aws/service/ami-windows-latest/Windows_Server-2019-English-Full-Base', WithDecryption=True)
    print(parameter)
    return parameter ['Parameter']['Value']
TIM02144
  • 593
  • 1
  • 4
  • 17
  • I had attached the doc above in my answers to highlight that `client.get_parameter` is expecting a string, any ways good that you figured it out, and nice that you have pull the `client = boto3.client('ssm')` out side the lambda_handler so that its available for next invocation provided same container is used. – amittn Sep 06 '19 at 08:13
  • Sorry, I missed that. Thank you. – TIM02144 Sep 09 '19 at 13:40
  • For a little extra context, here are the boto3 docs for this API call: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ssm/client/get_parameter.html – jdenoc Aug 26 '23 at 16:04
1
  • Worth checking your lambda has enough permissions to interact with aws SSM. Just for the initial checking i would suggest give full access by using policy policy/AmazonSSMFullAccess
  • Lambda IAM role should have the above policy.
  • docs aws boto3 docs
amittn
  • 2,249
  • 1
  • 12
  • 19
  • Yes, I am using a role that has the AmazonSSMFullAccess policy attached. Still getting Response: null – TIM02144 Sep 05 '19 at 17:01
0

You can use this library which has error handling out-of-the-box: AWStanding

from awstanding.parameter_store import load_parameters

LOOKUP_DICT = {
  '/aws/service/ami-windows-latest/Windows_Server-2019-English-Full-Base': 'CONVENIENT_NAME'
}

load_parameters(LOOKUP_DICT)

os.environ.get('CONVENIENT_NAME')

The advantage here is that you can easily load a lot of parameters with minimmum overhead.

Juan Ignacio Sánchez
  • 508
  • 3
  • 12