I am creating a telegram bot. This requires me to include a token in my Python code to access my bot. I am pretty sure that I should keep it in AWS parameter store so that it is more secure. I am unsure how to do so with the following questions:
- Which python package & function should I use so that I can reference the stored token in AWS parameter store?
- Correct me if I'm wrong, but I also need to give my EC2 instance the IAM role to access my AWS parameter store, right?
- Can I confirm that I shouldn't use AWS secrets manager since I don't intend to rotate this fixed token for my bot?
P.S. Sorry if these are very basic questions. I wasn't sure where to find resources to specifically integrate AWS parameter store with Python code.
You can use boto3's get_parameter function.
Yes.
SSM Paramter Store is free, unlike AWS secrets manager. But you could still use it if you like.