I am using SSM Automation to configure my Windows instances. However, part of the configuration requires using privileged access in AD (like Domain Admin).
My idea was:
1. Store the AD Admin PW in SSM Parameter Store.
2. Use Automation ExecuteAWSAPI Action ssm:GetParameter to get the password.
3. Pass it as an output to an executePowerShell Action.
I did not want to give the instance profile of the instance running the commands the ability to get the parameter, to prevent someone using the creds on the instance to escalate privileges.
This works great in general, but the problem is that the output of the ExecuteAWSAPI ssm:GetParameter action displays the password in plain text in the output. I was hoping for something like CloudFormation's NoEcho feature, which would allow me to use the output properly in the automation without displaying the password anywhere in logs.
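The flow described in this issue, written out as an Automation runbook. This is an added illustration, not the poster's own document: the parameter path, step names, output name, account name and PowerShell lines are constructed assumptions.

```yaml
schemaVersion: '0.3'
description: Constructed example of the flow described in the issue.
assumeRole: '{{ AutomationAssumeRole }}'
parameters:
  AutomationAssumeRole:
    type: String
    description: Role Automation assumes; this role, not the instance profile, is allowed ssm:GetParameter.
  InstanceId:
    type: String
  PasswordParameterName:
    type: String
    default: /example/ad/admin-password   # constructed placeholder path
mainSteps:
  # Steps 1-2 of the issue: Automation reads the SecureString itself,
  # so the instance profile needs no access to the parameter.
  - name: getAdPassword
    action: aws:executeAwsApi
    inputs:
      Service: ssm
      Api: GetParameter
      Name: '{{ PasswordParameterName }}'
      WithDecryption: true
    outputs:
      # This is the output the issue is about: the decrypted value is
      # shown in plain text as the step's output in the execution.
      - Name: Password
        Selector: $.Parameter.Value
        Type: String
  # Step 3 of the issue: the output is handed to a PowerShell step.
  - name: configureInstance
    action: aws:runCommand
    inputs:
      DocumentName: AWS-RunPowerShellScript
      InstanceIds:
        - '{{ InstanceId }}'
      Parameters:
        commands:
          - "$pw = ConvertTo-SecureString '{{ getAdPassword.Password }}' -AsPlainText -Force"
          - "$cred = New-Object System.Management.Automation.PSCredential('EXAMPLE\\admin', $pw)"
          - "# privileged AD configuration using $cred goes here"
```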