Cache un/encrypted expiring values as AWS SSM parameters with a TTL
import (
"log"
"github.com/CribAdvisor/ssmcache"
)
func main() {
cache := ssmcache.New(&ssmcache.SSMCacheOptions{
Secret: true,
BasePath: "/cache",
KeyId: nil,
})
accessToken, err := cache.Get("my_token")
if err != nil {
log.Fatal(err)
}
if accessToken == nil {
// obtain a new token
// newToken, ttl := getNewToken(...)
accessToken = newToken
cache.Set("my_token", accessToken, ttl)
}
}
NOTE:
- Replace
Resource
with your AWS region and account ID - Replace
/cache
with the modifiedBasePath
if applicable - Add
kms:Encrypt
andkms:Decrypt
actions and resources for your KMS key (if applicable)
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "Stmt1585412677747",
"Action": [
"ssm:DeleteParameter",
"ssm:GetParameter",
"ssm:PutParameter"
],
"Effect": "Allow",
"Resource": "arn:aws:ssm:<region>:<account_ID>:parameter/cache/*"
}
]
}