Remove IIS Log Files (4-1) --- Managing Sensitive Info in AWS

Note: This article was published on 02/24/2025.

Although this topic is ndependent, but it was derived from the Remove IIS Log Files project. So we merge this article into the series of articles for REmove IIS Log Files.

This series of articles are to discuss a task to remove IIS Log Files. We start from doing the task manually, then make automation, and the last deploy the automation to pipelines (different servers):

• Remove IIS Log Files (1) --- Manually
• Remove IIS Log Files (2) --- Automation by Windows Task Scheduler
  • Remove IIS Log Files (2-1) --- Handle Group User Accounts 
  • Remove IIS Log Files (2-2) --- Add "Log on as a batch job" Right to a user 
• Remove IIS Log Files (3) --- Deploy VBScript Automation by Pipeline
• Remove IIS Log Files (4) --- Deploy PowerShell Automation by Pipeline
  • Remove IIS Log Files (4-1) --- Managing Sensitive Info in AWS --- this article
  • Remove IIS Log Files (4-2) --- Make Server Allows ports for PowerShell Remoting  
  • Remove IIS Log Files (4-3) --- AWS security group on the ec2 needs to Allows ports for PowerShell Remoting 

This is a working note about AWS parameter store and Secret Manager to manage sensitive information in AWS.  This article will be categoried as AI, because the result is AI created.

AI tool, we use Microsoft Copilot,

Search for "aws parameter store or secrets manager",

Result:

Search for "command to save or retrieve or delete info into Parameter store"

Save a Parameter

To save a parameter, use the put-parameter command:

aws ssm put-parameter --name "parameter_name" --value "parameter_value" --type "String"

You can also specify other types like SecureString for encrypted values.

Retrieve a Parameter

To retrieve a parameter, use the get-parameter command:

aws ssm get-parameter --name "parameter_name" --with-decryption

The --with-decryption flag is optional and used if the parameter is encrypted.

Delete a Parameter

To delete a parameter, use the delete-parameter command:

aws ssm delete-parameter --name "parameter_name"

These commands should help you manage your parameters in AWS Systems Manager Parameter Store. 

Sample:

Code:

$user = "userName"

aws ssm put-parameter --name $user --value "userPassword" --type "String" --region "us-west-2"

$password = (Get-SSMParameter -Name $user).Value

Write-Host ""
Write-Host "User is $user"

Write-Host ""
Write-Host "Password is $password"

aws ssm delete-parameter --name $user --region "us-west-2"

#(Get-SSMParameter -Name $user).Value

Result:

Note:

If a specific parameter is not saved in AWS and you try to retrieve or delete it, an error will occur.

View Parameter Store from AWS Console:

All Services => Systems Management: 

AWS Systems Management => Application Tools => Parameter Store:

In Parameter Sore Page, Click a Specific Parameter:

Show the Details of the Parameter: