{"id":23096032,"url":"https://github.com/ajbrown/dropwizard-ssm","last_synced_at":"2026-04-02T02:53:52.194Z","repository":{"id":52677368,"uuid":"130272399","full_name":"ajbrown/dropwizard-ssm","owner":"ajbrown","description":"Dropwizard configuration variable substitution with Amazon Simple Systems Manager!","archived":false,"fork":false,"pushed_at":"2021-04-21T10:38:47.000Z","size":49,"stargazers_count":5,"open_issues_count":3,"forks_count":5,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-07-20T14:23:33.106Z","etag":null,"topics":["dropwizard","dropwizard-configuration","ssm"],"latest_commit_sha":null,"homepage":null,"language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ajbrown.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-04-19T21:03:29.000Z","updated_at":"2022-11-18T03:52:09.000Z","dependencies_parsed_at":"2022-08-20T14:20:47.071Z","dependency_job_id":null,"html_url":"https://github.com/ajbrown/dropwizard-ssm","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/ajbrown/dropwizard-ssm","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajbrown%2Fdropwizard-ssm","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajbrown%2Fdropwizard-ssm/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajbrown%2Fdropwizard-ssm/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajbrown%2Fdropwizard-ssm/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ajbrown","download_url":"https://codeload.github.com/ajbrown/dropwizard-ssm/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ajbrown%2Fdropwizard-ssm/sbom","scorecard":{"id":174302,"data":{"date":"2025-08-11","repo":{"name":"github.com/ajbrown/dropwizard-ssm","commit":"31f54305602a2a4411b121b167c1ee7bd6aff5d8"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":1.9,"checks":[{"name":"Code-Review","score":0,"reason":"Found 0/18 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":9,"reason":"license file detected","details":["Info: project has a license file: LICENSE.txt:0","Warn: project license file does not contain an FSF or OSI license."],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":0,"reason":"84 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-h46c-h94j-95f3","Warn: Project is vulnerable to: GHSA-wf8f-6423-gfxg","Warn: Project is vulnerable to: GHSA-27xj-rqx5-2255","Warn: Project is vulnerable to: GHSA-288c-cq4h-88gq","Warn: Project is vulnerable to: GHSA-4gq5-ch57-c2mg","Warn: Project is vulnerable to: GHSA-4w82-r329-3q67","Warn: Project is vulnerable to: GHSA-57j2-w4cx-62h2","Warn: Project is vulnerable to: GHSA-58pp-9c76-5625","Warn: Project is vulnerable to: GHSA-5949-rw7g-wx7w","Warn: Project is vulnerable to: GHSA-5p34-5m6p-p58g","Warn: Project is vulnerable to: GHSA-5r5r-6hpj-8gg9","Warn: Project is vulnerable to: GHSA-5ww9-j83m-q7qx","Warn: Project is vulnerable to: GHSA-645p-88qh-w398","Warn: Project is vulnerable to: GHSA-6fpp-rgj9-8rwc","Warn: Project is vulnerable to: GHSA-6wqp-v4v6-c87c","Warn: Project is vulnerable to: GHSA-758m-v56v-grj4","Warn: Project is vulnerable to: GHSA-85cw-hj65-qqv9","Warn: Project is vulnerable to: GHSA-89qr-369f-5m5x","Warn: Project is vulnerable to: GHSA-8c4j-34r4-xr8g","Warn: Project is vulnerable to: GHSA-8w26-6f25-cm9x","Warn: Project is vulnerable to: GHSA-95cm-88f5-f2c7","Warn: Project is vulnerable to: GHSA-9gph-22xh-8x98","Warn: Project is vulnerable to: GHSA-9m6f-7xcq-8vf8","Warn: Project is vulnerable to: GHSA-9mxf-g3x6-wv74","Warn: Project is vulnerable to: GHSA-9vvp-fxw6-jcxr","Warn: Project is vulnerable to: GHSA-c265-37vj-cwcc","Warn: Project is vulnerable to: GHSA-c2q3-4qrh-fm48","Warn: Project is vulnerable to: GHSA-c8hm-7hpq-7jhg","Warn: Project is vulnerable to: GHSA-cf6r-3wgc-h863","Warn: Project is vulnerable to: GHSA-cjjf-94ff-43w7","Warn: Project is vulnerable to: GHSA-cmfg-87vq-g5g4","Warn: Project is vulnerable to: GHSA-cvm9-fjm9-3572","Warn: Project is vulnerable to: GHSA-f3j5-rmmp-3fc5","Warn: Project is vulnerable to: GHSA-f9hv-mg5h-xcw9","Warn: Project is vulnerable to: GHSA-f9xh-2qgp-cq57","Warn: Project is vulnerable to: GHSA-fmmc-742q-jg75","Warn: Project is vulnerable to: GHSA-fqwf-pjwf-7vqv","Warn: Project is vulnerable to: GHSA-gjmw-vf9h-g25v","Warn: Project is vulnerable to: GHSA-gwp4-hfv6-p7hw","Warn: Project is vulnerable to: GHSA-gww7-p5w4-wrfv","Warn: Project is vulnerable to: GHSA-h3cw-g4mq-c5x2","Warn: Project is vulnerable to: GHSA-h4rc-386g-6m85","Warn: Project is vulnerable to: GHSA-h822-r4r5-v8jg","Warn: Project is vulnerable to: GHSA-j823-4qch-3rgm","Warn: Project is vulnerable to: GHSA-jjjh-jjxp-wpff","Warn: Project is vulnerable to: GHSA-m6x4-97wx-4q27","Warn: Project is vulnerable to: GHSA-mc6h-4qgp-37qh","Warn: Project is vulnerable to: GHSA-mph4-vhrx-mv67","Warn: Project is vulnerable to: GHSA-mx7p-6679-8g3q","Warn: Project is vulnerable to: GHSA-mx9v-gmh4-mgqw","Warn: Project is vulnerable to: GHSA-p43x-xfjf-5jhr","Warn: Project is vulnerable to: GHSA-q93h-jc49-78gg","Warn: Project is vulnerable to: GHSA-qjw2-hr98-qgfh","Warn: Project is vulnerable to: GHSA-qmqc-x3r4-6v39","Warn: Project is vulnerable to: GHSA-qr7j-h6gg-jmgc","Warn: Project is vulnerable to: GHSA-r3gr-cxrf-hg25","Warn: Project is vulnerable to: GHSA-r695-7vr9-jgc2","Warn: Project is vulnerable to: GHSA-rf6r-2c4q-2vwg","Warn: Project is vulnerable to: GHSA-rgv9-q543-rqg4","Warn: Project is vulnerable to: GHSA-rpr3-cw39-3pxh","Warn: Project is vulnerable to: GHSA-v3xw-c963-f5hc","Warn: Project is vulnerable to: GHSA-v585-23hc-c647","Warn: Project is vulnerable to: GHSA-vfqx-33qm-g869","Warn: Project is vulnerable to: GHSA-wh8g-3j2c-rqj5","Warn: Project is vulnerable to: GHSA-x2w5-5m2g-7h5m","Warn: Project is vulnerable to: GHSA-xmc8-26q4-qjhx","Warn: Project is vulnerable to: GHSA-h4x4-5qp2-wp46","Warn: Project is vulnerable to: GHSA-5mg8-w23w-74h3","Warn: Project is vulnerable to: GHSA-7g45-4rm6-3mm3","Warn: Project is vulnerable to: GHSA-mvr2-9pj6-7w5j","Warn: Project is vulnerable to: GHSA-3mcp-9wr4-cjqf","Warn: Project is vulnerable to: GHSA-8jpx-m2wh-2v34","Warn: Project is vulnerable to: GHSA-j288-q9x7-2f5v","Warn: Project is vulnerable to: GHSA-7r82-7xv7-xcpj","Warn: Project is vulnerable to: GHSA-v6w3-2prq-h95f","Warn: Project is vulnerable to: GHSA-3mc7-4q67-w48m","Warn: Project is vulnerable to: GHSA-98wm-3w3q-mw94","Warn: Project is vulnerable to: GHSA-9w3m-gqgf-c4p9","Warn: Project is vulnerable to: GHSA-c4r9-r8fh-9vj2","Warn: Project is vulnerable to: GHSA-hhhw-99gj-p3c3","Warn: Project is vulnerable to: GHSA-mjmj-j48q-9wg2","Warn: Project is vulnerable to: GHSA-rvwf-54qp-4r6v","Warn: Project is vulnerable to: GHSA-w37g-rhq8-7m4j","Warn: Project is vulnerable to: GHSA-264p-99wq-f4j6"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-16T17:20:15.826Z","repository_id":52677368,"created_at":"2025-08-16T17:20:15.826Z","updated_at":"2025-08-16T17:20:15.826Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":271073387,"owners_count":24694538,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-18T02:00:08.743Z","response_time":89,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dropwizard","dropwizard-configuration","ssm"],"created_at":"2024-12-16T22:32:58.103Z","updated_at":"2026-04-02T02:53:52.176Z","avatar_url":"https://github.com/ajbrown.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"[![Build Status](https://travis-ci.org/ajbrown/dropwizard-ssm.svg?branch=master)](https://travis-ci.org/ajbrown/dropwizard-ssm)\n\nDropwizard SSM allows [AWS's Simple System Management parameters](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-paramstore.html) parameters to be used for variable substitution within Dropwizard \nconfigurations.  \n\n### Why Dropwizard SSM\nA common way to provide environment specific configuration values to your Dropwizard application\nis to use the built-in `EnvironmentVariableSubstitutor`, which will replace variables like `${MY_ENV_VAR}` with a value\nloaded from the environment through `System.getenv(\"MY_ENV_VAR\"\")`.  This is convenient, but requires you to update the \nenvironment variables on the machine running Dropwizard whenever you want to change the value.  That's easy for something \nlike Docker containers, but doesn't work very well for virtual machines provisioned in a more traditional fashion, and\ndefinintely not for bare metal.\n\nFurthermore, this is a security nightmare for sensitive data like database passwords.  Writing those files out to the \nfilesystem or passing them in your launch means anyone that has access to the environment also knows the credentials.  \n\nBy using Simple Systems Management parameter stores, we can store configuration values in a centralized location, using\nKMS to encrypt values where needed, and IAM permissions to control who has access to those parameters.  When we want to\nupdate a configuration value, we just need to update it in one place -- no need to update the runtime environment on\nyour servers! \n\n\n\u003e **Note**: At this time, this library does not provide a way to dynamically update configuration values at runtime.  \n\u003e Variable substitution happens on startup, so the configuration class will contain the value that was there when the \n\u003e application starts.  Unfortunately, this means you still need to restart your service whenever a critical value changes. \n\n### Usage Example\n\nSimilar to environment variable substitution, the variables in your configuration file should match the fully-qualified\nname of the paramter that contains the value.  \n\nAdd the Maven dependency:\n```xml\n  \u003cdependency\u003e\n    \u003cgroupId\u003eorg.ajbrown.dropwizard\u003c/groupId\u003e\n    \u003cartifactId\u003edropwizard-ssm\u003c/artifactId\u003e\n    \u003cversion\u003e1.0\u003c/version\u003e\n  \u003c/dependency\u003e\n```\n\nAdd fully-qualified parameter names to your configuration:\n\n```yaml\ndatabase:\n  driverClass: com.mysql.cj.jdbc.Driver\n  url: ${JDBC_URL:-jdbc:mysql://localhost/my-database}\n  user: ${/myapp/database-user}\n  password: ${/myapp/database-user}\n```\n\nRegister SSM configuration variable substitution:\n\n```java\n    // Enable variable substitution with AWS Simple Systems Management\n    bootstrap.setConfigurationSourceProvider(\n        new SubstitutingSourceProvider(bootstrap.getConfigurationSourceProvider(),\n            new SsmSubstitutor(false)\n        )\n    );\n```\n\n#### Using With Environment Variable Substitution \n\nYou can also use this substitutor (and any other well-built substitutor) alongside the built in environment variable \nsubstitutor. In my configuration above, I'm actually expecting that the JDBC_URL is provided by an environment variable,\nwhile the username and passwords are provided by a parameter store.  You can chain substitutors together to accomplish \nthis.\n\n\n```java\n    // Enable variable substitution with environment variables\n    bootstrap.setConfigurationSourceProvider(\n        new SubstitutingSourceProvider(bootstrap.getConfigurationSourceProvider(),\n            new EnvironmentVariableSubstitutor(false)\n        )\n    );\n\n\n    // Enable variable substitution with AWS Simple Systems Management\n    bootstrap.setConfigurationSourceProvider(\n        new SubstitutingSourceProvider(bootstrap.getConfigurationSourceProvider(),\n            new SsmSubstitutor(false)\n        )\n    );\n```\n\n#### Using Namespace Prefixes\n\nOften, you want to use the same configuration file across multiple environments, but have different values substituted \ndepending on the environment.  To support this, you can set a \"namesspace prefix\" during configuration.  When provided, \nDropwizard SSM will add this prefix to all parameter names it uses. \n\n```java\n    bootstrap.setConfigurationSourceProvider(\n        new SubstitutingSourceProvider(bootstrap.getConfigurationSourceProvider(),\n            new SsmSubstitutor(false, System.getenv(\"ENV\") + \"/\")\n        )\n    );\n\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fajbrown%2Fdropwizard-ssm","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fajbrown%2Fdropwizard-ssm","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fajbrown%2Fdropwizard-ssm/lists"}