My secrets in SSM in AWS are there because they are sensitive.

Do I have to copy those secrets into my local serverless.yml or the .env files in order to use this?

Doesn't that defeat the purpose? Both of those files are in git.... so now I have to remember to wipe that data prior to code updates? .env is already used by the https://www.serverless.com/plugins/serverless-dotenv-plugin which conflicts.

Maybe an additional option to permit a custom config file? That would be a great additions then I could have .ssm-secrets and put it in a gitignore.

If your .env file contains secrets then it should not be committed to git.

Yes, you are correct in that this plugin is a direct conflict with the serverless-dotenv-plugin and they were never intended to be used together. This plugin was created to be used only when running the serverless-offline plugin to prevent it from reaching out to AWS to read SSM parameters. Any use case outside of that is outside of the scope of this plugin and should be supported by something else.

yes, thats exactly my use case. serverless-dotenv-plugin and serverless-offline

I have no intention of making this plugin support use cases outside of what I have already mentioned above.