Parameter Manager is an extension to the Secret Manager service and provides a centralized storage for all configuration parameters related to your workload deployments.
Parameters are variables, often in the form of key-value pairs, which customize how an application functions. Parameters can include a wide range of settings such as the following:
- Configuration settings: Database connection strings, API keys, and user interface preferences
- Environment-specific settings: Tailored configurations for production, development, or testing environments
- Secrets: Sensitive data such as credentials and secure connection strings
Using Parameter Manager, you can do the following:
- Store all your workload parameters in a centralized system. Having all your configuration data in one place simplifies management, improves consistency, and reduces errors.
- Ensure consistent deployments across all environments by using the same parameter values.
- Track changes to your parameters for compliance and security purposes.
- Control access to parameters with fine-grained Identity and Access Management IAM permissions, ensuring that only authorized users and services can access sensitive data.
Key features
Following are the key features of Parameter Manager:
- Data encryption: Parameters are encrypted using the Advanced Encryption Standard (AES) algorithm (AES-256).
- Versioning: Each parameter can have multiple versions, allowing you to track changes over time and roll back to previous values if needed.
- Flexible format support: you can store your configuration data using structured formats such as YAML and JSON. You can also use unformatted configurations such as plain text or custom formats for maximum flexibility.
- Reference Secret Manager secrets: You can reference secrets stored in Secret Manager from Parameter Manager parameters. This lets you manage all your application configuration data, including secrets, from Parameter Manager while also leveraging Secret Manager features such as automatic rotation and auditing.
- Regional parameters: Parameter Manager supports regional endpoints, letting you create and manage parameters specific to each location in which your cloud environment operates. For a list of locations that support regional endpoints, see Locations for Parameter Manager resources.
Parameter Manager resources
There are two main resources in Parameter Manager:
- Parameter: A parent object that holds all the information about the parameter. It includes metadata such as the parameter's name, the type of data it stores (for example, YAML, JSON, or unstructured), and any associated labels. A parameter also holds all the parameter versions.
- Parameter version: A parameter version stores the actual value of the parameter. Each version can contain structured data (like YAML or JSON) or unstructured data (plain text).