auto-encrypt | RFC 8555 – Automatic Certificate Management Environment | TLS library

I've found a solution / workaround that I will share here.

Please feel free to comment if you find a better way !

TL;DR : the workaround works because it does only 1 request to SSM (per lambda) instead of 6 thanks to GetParametersByPath recursive instead of GetParameterHistory.

So, to simplify, my use case was to store a secret to crypt a token and to be able to use it for 10 hours.

Note : IRL, I use 3 different secrets, hence the P1, P2, P3 in the question. In the following, I will simplify and only talk about 1 secret as it works similarly for any number of secrets (until you reach the maximum number of parameters in SSM which is 10K ...)

It previously works like this : I rotate the secret every hour, I decrypt the token against the last 10 versions -> if a user sends a token that is 11 hours old or more, I cannot decrypt it anymore.

Now, instead of having a single parameter with multiple versions, I have multiple parameters with only the last version of each being safe to use.

My SSM Parameter Store previously looked like (for each parameter)

There's no one-key command to do it. But you can get close: if the point is at the | in "first| second", you can do M-S C-M-d M-s:

1. M-S (paredit-split-sexp) to split it into "first"| " second",
2. C-M-d (paredit-forward-down) to descend into tho following string giving "first" "| second", and then
3. M-s (paredit-splice-sexp) to splice the content of the string giving "first" | second.

To clean up the spaces you can then do M-SPC (just-one-space).

"first| second" M-S (paredit-split-sexp) "first"| " second" C-M-d (paredit-forward-down) "first" "| second"` M-s (paredit-splice-sexp) "first" | second M-SPC (just-one-space) "first" |second

Yes, you do need a mode that highlights markdown code. (Try M-x package-install RET markdown-mode+ RET) If you have font-locking enabled (I suspect you have), the mode that you end up probably gives syntax highlighting for markdown.

Now, syntax highlighting is just alterations to font and color used. Once you have it on, you can customize the font face used for code by navigating over a code block and issuing M-x customize-face. My markdown mode has code blocks under markdown-pre-face; the face under cursor will be selected by default for you.

I prepared some screenshots to show the workflow. Determining what emacs allows for font family or foundry is bit of a dark magic, and I leave it to google to find out more about it. On linux systems there used to be an ugly little helper called xfontsel where you can preview different font families and foundries.

You can experiment without saving anything first by applying the changes without saving; when things look fine, you can "apply and save" in the customize mode.