aws / aws-ssm-data-protection-provider-for-aspnet

An extension library to assist with ASP.NET data protection in AWS Lambda.
Apache License 2.0

Why is a leading slash being added to SSM parameter name? #32

Closed ljvanschie closed 3 years ago

ljvanschie commented 3 years ago

When using PersistKeysToAWSSystemsManager("my-service"), a parameter is created like /my-service-.., instead of my-service-... What is the reasoning for this behavior?

https://github.com/aws/aws-ssm-data-protection-provider-for-aspnet/blob/master/src/Amazon.AspNetCore.DataProtection.SSM/SSMXmlRepository.cs#L72

In our setup, each microservice gets permission to read/write SSM parameters starting with a certain namespace (in this case, it would be my-service.*). This does not work, because of the leading slash. It would be nice if this could be omitted, perhaps by configuration.

ashishdhingra commented 3 years ago

Hi @ljvanschie,

Good morning.

Thanks for posting a guidance question. Please refer to Creating Systems Manager parameters for the requirements and constraints for parameter names. The slash character ( / ) is used to delineate hierarchies in parameter names. XML represents a hierarchical nature; hence, this could be the reason that parameter names are always prefixed with the / character. Also refer to the example on the page https://github.com/aws/aws-ssm-data-protection-provider-for-aspnet.

Hope this helps.

Thanks, Ashish

ljvanschie commented 3 years ago

Hi Ashish. Thanks for your quick response! Makes sense. It would be nice if you could disable parameter hierarchy by configuration. It says in the docs that it is not required:

You aren't required to specify a parameter hierarchy. You can create parameters at level one. These are called root parameters. For backward compatibility, all parameters created in Parameter Store before hierarchies were released are root parameters. The system treats both of the following parameters as root parameters.

But on the other hand, I can also see why this could be nice for grouping parameters. This issue can be closed, we will update the permissions 👍

edit: it turned out that the errors I got had nothing to do with slashes in the name, but were caused by this: https://github.com/aws/aws-xray-sdk-dotnet/issues/103
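How IAM sees the two names discussed in this thread, as an added example (not part of the original thread or the project's code): a Parameter Store ARN does not double the leading slash, so `/my-service-...` and `my-service-...` resolve to the same resource and are covered by the same prefix pattern. The region, account ID, parameter names and helper functions below are constructed placeholders.

```python
import re

REGION = "us-east-1"        # constructed placeholder
ACCOUNT = "123456789012"    # constructed placeholder


def parameter_arn(name, region=REGION, account=ACCOUNT):
    """Return the ARN that IAM evaluates for a Parameter Store name.

    The ARN resource part is "parameter/<name>"; when the name already
    starts with "/", that slash is not repeated.
    """
    bare = name[1:] if name.startswith("/") else name
    return f"arn:aws:ssm:{region}:{account}:parameter/{bare}"


def _iam_glob(pattern):
    """Translate an IAM resource pattern (* = any run, ? = one char) to a regex."""
    return re.compile("".join(
        ".*" if c == "*" else "." if c == "?" else re.escape(c) for c in pattern))


def allowed(name, resource_patterns):
    """True if any policy Resource pattern matches the parameter's ARN."""
    arn = parameter_arn(name)
    return any(_iam_glob(p).fullmatch(arn) for p in resource_patterns)


# Policy Resource scoped to one microservice's namespace (constructed).
POLICY = [f"arn:aws:ssm:{REGION}:{ACCOUNT}:parameter/my-service-*"]
# A frequent mistake: adding a second slash for hierarchical names.
DOUBLE_SLASH = [f"arn:aws:ssm:{REGION}:{ACCOUNT}:parameter//my-service-*"]

if __name__ == "__main__":
    for n in ["/my-service-key-1", "my-service-key-1",
              "/my-service/key-1", "/other-service-key-1"]:
        print(f"{n:24} -> {parameter_arn(n)}  allowed={allowed(n, POLICY)}")
```

A name nested one level deeper, such as `/my-service/key-1`, is not covered by `parameter/my-service-*`; a hierarchy-style grant would use `parameter/my-service/*` instead.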