Table of Contents

The Error

Error describing SSM parameter: ParameterNotFound

What Causes This

Terraform is trying to read an SSM Parameter Store parameter that doesn’t exist, is in a different region, or the IAM role lacks permission to access it. This commonly happens with data sources referencing parameters that haven’t been created yet.

How to Fix It

Solution 1: Create the Parameter First

# Check if the parameter exists
aws ssm get-parameter --name "/app/database/url" --region us-east-1

# Create it if missing
aws ssm put-parameter \
  --name "/app/database/url" \
  --type "SecureString" \
  --value "postgresql://user:pass@host:5432/db"

Solution 2: Check Region

# SSM parameters are region-specific!
provider "aws" {
  region = "us-east-1"  # Must match where the parameter was created
}

data "aws_ssm_parameter" "db_url" {
  name = "/app/database/url"
}

Solution 3: Handle Missing Parameters Gracefully

# Use a default value if parameter might not exist
variable "db_url_override" {
  default = ""
}

locals {
  db_url = var.db_url_override != "" ? var.db_url_override : data.aws_ssm_parameter.db_url.value
}

Solution 4: Check IAM Permissions

{
  "Effect": "Allow",
  "Action": [
    "ssm:GetParameter",
    "ssm:GetParameters",
    "ssm:GetParametersByPath"
  ],
  "Resource": "arn:aws:ssm:us-east-1:123456789012:parameter/app/*"
}

Prevention Tips

  1. Pin provider versions — avoid surprise breaking changes
  2. Use CI/CD — catch errors before they hit production
  3. Test with terraform plan — always review before applying
  4. Keep Terraform updated — newer versions have better error messages
  5. Use terraform validate — catches syntax errors early

Hands-On Courses

Learn to avoid these errors with interactive, project-based courses:

Conclusion

This error is common and fixable. Follow the solutions above, and check our Terraform course for hands-on training that covers real-world troubleshooting scenarios.