npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@aws-blocks/bb-app-setting

v0.1.2

Published

A single application configuration value backed by SSM Parameter Store.

Downloads

1,893

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

aws-blocks-npm-opsaws-blocks-npm-ops

Keywords

Readme

AppSetting

A single application configuration value backed by SSM Parameter Store.

When to use: You need a configuration value (feature flag, API URL, threshold) or a secret (API key, token) stored as a single SSM parameter. Each AppSetting instance maps to exactly one parameter.

When NOT to use: If you need structured key-value data with conditional writes and queries, use KVStore or DistributedTable.

API

const setting = new AppSetting(scope, id, options)

| Method | Returns | Description | |--------|---------|-------------| | get() | Promise<T> | Read the current value. | | put(value) | Promise<void> | Update the value at runtime. |

Options

| Option | Type | Required | Description | |--------|------|----------|-------------| | name | string | No | SSM parameter path. When omitted, derived from the scope tree as /${fullId}, guaranteeing uniqueness within the stack. | | value | T | No | Initial value. Required for non-secret parameters. Must not be provided when secret is set. | | schema | StandardSchemaV1<T> | No | Runtime validation schema (Zod, Valibot, ArkType). Infers T from the schema. Cannot be used with secret. | | secret | boolean | No | When true, creates an SSM SecureString encrypted with the aws/ssm KMS key. Cannot be used with schema or value. | | logger | ChildLogger | No | Optional logger for internal operations. When omitted, a default Logger at error level is created. |

Naming: When you omit name, the framework derives a unique SSM path from the construct scope tree (/${fullId}). This is the recommended approach — it prevents collisions across stacks automatically. If you provide an explicit name, you are responsible for ensuring it is unique across all stacks deployed to the same AWS account and region.

Error Handling

import { isBlocksError } from '@aws-blocks/core';
import { AppSettingErrors } from '@aws-blocks/bb-app-setting';

try {
  await setting.put(value);
} catch (e: unknown) {
  if (isBlocksError(e, AppSettingErrors.ValidationFailed)) {
    // schema validation failed or value exceeds 4 KB
  }
  throw e;
}

try {
  const value = await setting.get();
} catch (e: unknown) {
  if (isBlocksError(e, AppSettingErrors.ParameterNotFound)) {
    // the parameter is missing (e.g., deleted out-of-band) or a secret has an empty value
  }
  throw e;
}

get() can throw AppSettingErrors.ParameterNotFound when the parameter does not exist or a secret parameter has an empty value (in both the AWS and mock runtimes).

Examples

Plain String Setting

// Recommended: let the framework manage the SSM name (unique by default)
const apiUrl = new AppSetting(scope, 'apiUrl', {
  value: 'https://api.example.com',
});

export const api = new ApiNamespace(scope, 'api', (context) => ({
  async getApiUrl() {
    return { url: await apiUrl.get() };
  },
  async setApiUrl(url: string) {
    await apiUrl.put(url);
  },
}));

Typed Object with Schema

import { z } from 'zod';

const config = new AppSetting(scope, 'config', {
  value: { maxRetries: 3, timeout: 5000 },
  schema: z.object({ maxRetries: z.number(), timeout: z.number() }),
});

export const api = new ApiNamespace(scope, 'api', (context) => ({
  async getConfig() {
    return await config.get(); // { maxRetries: number; timeout: number }
  },
  async updateConfig(cfg: { maxRetries: number; timeout: number }) {
    await config.put(cfg); // validated against schema
  },
}));

Secret

const stripeKey = new AppSetting(scope, 'stripeKey', {
  secret: true,
});

export const api = new ApiNamespace(scope, 'api', (context) => ({
  async charge(amount: number) {
    const key = await stripeKey.get(); // decrypted from SSM SecureString
    // use key...
  },
}));

Explicit Name (Cross-Service Reads)

Use an explicit name when the SSM parameter must be read by other services or follow a well-known path convention.

⚠️ You must ensure this name is unique across all stacks deployed to the same AWS account and region to avoid collisions.

const apiUrl = new AppSetting(scope, 'apiUrl', {
  name: '/my-app/production/api-url',
  value: 'https://api.example.com',
});

Validation Rules

These are enforced at CDK synth time:

  • secret + schema → error (secrets are plain strings)
  • schema without value → error (parameter needs a valid initial value)
  • secret with value → error (don't put secrets in source code)
  • Non-secret without value → error (settings require an initial value)

Scaling & Cost (AWS)

  • String parameters: Standard tier, free, 4 KB limit, 10,000 per account/region
  • SecureString parameters: Standard tier, free, encrypted with aws/ssm KMS key
  • Throughput: 40 TPS default for GetParameter (can be increased)
  • Latency: Single-digit ms reads and writes

Local Development

Mock data persists to disk at .bb-data/settings/{fullId}/value.json across dev server restarts. Wipe with rm -rf .bb-data. Secrets generate a random value locally (no KMS encryption in mock mode).