diff --git a/src/datadog-agent.tf b/src/datadog-agent.tf
index 763b05a..f84bcc8 100644
--- a/src/datadog-agent.tf
+++ b/src/datadog-agent.tf
@@ -16,6 +16,18 @@ variable "datadog_sidecar_containers_logs_enabled" {
 description = "Enable the Datadog Agent Sidecar to send logs to aws cloudwatch group, requires `datadog_agent_sidecar_enabled` to be true"
 }
+variable "datadog_api_key_ssm_parameter_name" {
+ type = string
+ default = null
+ description = "The SSM Parameter Name containing the Datadog API Key"
+}
+
+variable "datadog_site" {
+ type = string
+ default = "us5.datadoghq.com"
+ description = "The Datadog Site to send logs to"
+}
+
 variable "datadog_logging_tags" {
 type = map(string)
 default = null
@@ -28,6 +40,18 @@ variable "datadog_logging_default_tags_enabled" {
 description = "Add Default tags to all logs sent to Datadog"
 }
+data "aws_ssm_parameter" "datadog_api_key" {
+ count = var.datadog_api_key_ssm_parameter_name != null && var.datadog_agent_sidecar_enabled ? 1 : 0
+
+ name = var.datadog_api_key_ssm_parameter_name
+}
+
+data "aws_ssm_parameter" "datadog_app_key" {
+ count = var.datadog_app_key_ssm_parameter_name != null && var.datadog_agent_sidecar_enabled ? 1 : 0
+
+ name = var.datadog_app_key_ssm_parameter_name
+}
+
 locals {
 default_datadog_tags = var.datadog_logging_default_tags_enabled ? {
 env = module.this.stage
@@ -40,8 +64,8 @@ locals {
 logDriver = "awsfirelens"
 options = var.datadog_agent_sidecar_enabled ? {
 Name = "datadog",
- apikey = module.datadog_configuration.datadog_api_key,
- Host = format("http-intake.logs.%s", module.datadog_configuration.datadog_site)
+ apikey = one(data.aws_ssm_parameter.datadog_api_key[*].value),
+ Host = format("http-intake.logs.%s", var.datadog_site)
 dd_service = module.this.name,
 dd_tags = local.all_dd_tags,
 dd_source = "ecs",
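Review bot: The new `datadog_site` variable in src/datadog-agent.tf defaults to `us5.datadoghq.com`, whereas the removed lines took the site from `module.datadog_configuration`; a stack that relied on that lookup and does not set the variable would now send its logs and API key to the us5 intake host. Declaring the variable without a default makes the destination an explicit choice; if the default stays, add `nullable = false` and state in the description that the value must match the site the API key was issued for. The description of `datadog_api_key_ssm_parameter_name` could also say what kind of parameter is expected, e.g. `description = "Name of the SSM SecureString parameter that holds the Datadog API key"`.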
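Review bot: `data "aws_ssm_parameter" "datadog_app_key"` reads `var.datadog_app_key_ssm_parameter_name`, but the variables hunk of this diff declares only `datadog_api_key_ssm_parameter_name` and `datadog_site`; unless that variable is declared in a file not shown here, the plan will fail on an undeclared variable. No visible hunk consumes the app key either, and an `aws_ssm_parameter` data source writes the decrypted value into Terraform state, so an unused lookup copies a second secret into state with no benefit. I would drop the `datadog_app_key` data source until something needs it, or add the matching `variable` block together with its consumer.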
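Review bot: `apikey = one(data.aws_ssm_parameter.datadog_api_key[*].value)` in the firelens `options` map puts the decrypted API key into the task definition's log configuration in plain text, where it is readable by anyone who can describe the task definition and is also stored in Terraform state; the `"DD_API_KEY"` entry of `map_environment` in the `datadog_container_definition` hunk has the same exposure. With the key now in SSM, ECS can resolve it at task start instead: pass the parameter ARN through the log configuration's `secretOptions`, e.g. `secretOptions = [{ name = "apikey", valueFrom = one(data.aws_ssm_parameter.datadog_api_key[*].arn) }]`, and move `DD_API_KEY` from the environment map to the container's secrets with the same ARN. That presumably requires the task execution role to be allowed `ssm:GetParameters` on the parameter (and `kms:Decrypt` for a customer-managed key); the role is not visible in this diff. The `locals` block starts and ends outside the hunk.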
@@ -87,8 +111,8 @@ module "datadog_container_definition" {
 essential = true
 map_environment = {
 "ECS_FARGATE" = var.task.launch_type == "FARGATE" ? true : false
- "DD_API_KEY" = module.datadog_configuration.datadog_api_key
- "DD_SITE" = module.datadog_configuration.datadog_site
+ "DD_API_KEY" = one(data.aws_ssm_parameter.datadog_api_key[*].value)
+ "DD_SITE" = var.datadog_site
 "DD_ENV" = module.this.stage
 "DD_LOGS_ENABLED" = true
 "DD_LOGS_CONFIG_CONTAINER_COLLECT_ALL" = true
diff --git a/src/remote-state.tf b/src/remote-state.tf
index 5b4fb84..451b064 100644
--- a/src/remote-state.tf
+++ b/src/remote-state.tf
@@ -140,12 +140,6 @@ data "jq_query" "service_domain_query" {
 query = var.zone_component_output
 }
-module "datadog_configuration" {
- source = "github.com/cloudposse-terraform-components/aws-datadog-credentials//src/modules/datadog_keys?ref=tags/v1.535.2"
- enabled = true
- context = module.this.context
-}
-
 # This is purely a check to ensure this zone exists
 # tflint-ignore: terraform_unused_declarations
 data "aws_route53_zone" "selected" {
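Review bot: In the `datadog_container_definition` hunk of src/datadog-agent.tf, `one(data.aws_ssm_parameter.datadog_api_key[*].value)` evaluates to `null` when `datadog_agent_sidecar_enabled` is true but `datadog_api_key_ssm_parameter_name` is left at its `null` default, because the data source then has `count = 0`. `DD_API_KEY`, and `apikey` in the firelens options hunk, would then be null; how the module treats a null map value is not visible here, but the agent would at best start without a key and the gap would show up only as missing telemetry. Fail the plan instead, for example with a `precondition` or `check` whose condition is `!var.datadog_agent_sidecar_enabled || var.datadog_api_key_ssm_parameter_name != null`. The module block continues outside the hunk.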