Problem:
There are multiple ways to get a parameter store value. Which one should I use?
Solution:
Use this approach when working with non-sensitive, plain text parameters. You don't need
version control and simple string value retrieval is sufficient. Creates a "token" that resolves during deployment.
const value = ssm.StringParameter.valueForStringParameter(this, 'my-parameter-name');
Use this approach when handling secure string parameters. Creates a secure "token" that resolves during deployment.const value = cdk.SecretValue.ssmParameter('my-parameter-name');
Use this syntax when you need a fixed, environment-specific value at synthesis time instead of at deployment. This retrieves the actual SSM parameter value during cdk synth and stores it in the cdk.context.json file. Use this approach when conditional logic in your CDK code requires the value and cannot use a token. For example, determining which resources to synthesize based on a feature flag
const value = ssm.StringParameter.valueFromLookup(this, 'my-parameter-name');
https://docs.aws.amazon.com/cdk/v2/guide/get_ssm_value.html