Export AWS SSM Parameter Store values in bulk to .env files

Related tags

Learning resource aws-parameter-bulk
Overview

aws-parameter-bulk

Utility to read parameters from AWS Systems Manager (SSM) Parameter Store in bulk and output them in environment-file or json format. It can read all parameters for a given path, or read a list of single parameters. If the parameters contain json, this can be parsed as single values via a flag. It uses your current aws profile to access AWS SSM, you can supply a different profile if you need to read from a different account. Have your AWS CLI set up correctly. See below for instructions.

The output can be used as .env in your development workspace, as --from-env in docker, or as Kubernetes secret.

Usage

get reads names from single values, or from a path recursively. Use --help for usage and parameters.

$ aws-parameter-bulk --help

$ aws-parameter-bulk get --help

Assuming you have the following structure in SSM, and the parameters are filled with "valueOfParam1" etc.:

/dev/test/param1
/dev/test/param2
/dev/test/param3
/dev/other/other1
/dev/other/other2
/dev/testextend/param1
someparam1
someparam2
jsonparam1
jsonparam2

Get Path

These are the outputs you can create for a path variable. Note that the last part of the path will be printed in upper case, if you supply the --upper flag. To be a valid ENV Identifier the output has to use this format: [a-zA-Z_][a-zA-Z0-9_]*

$ aws-parameter-bulk get /dev/test --upper
PARAM1=valueOfParam1
PARAM2=valueOfParam2
PARAM3=valueOfParam3

Get Multiple Paths

You can supply multiple paths:

$ aws-parameter-bulk get /dev/test,/dev/other --upper
PARAM1=valueOfParam1
PARAM2=valueOfParam2
PARAM3=valueOfParam3
OTHER1=valueOfOther1
OTHER2=valueOfOther2

Overwrite Values

An env file key must be unique, therefore it will be filtered so each key only occurs once. The last key to appear will be printed out, so this will overwrite /dev/test/param1 with /dev/testextend/param1. This can be used to first read some default values and overwrite some of them.

$ aws-parameter-bulk get /dev/test,/dev/testextend --upper
PARAM1=valueOfParamFromExtend1
PARAM2=valueOfParam2
PARAM3=valueOfParam3

JSON Output

Output path parameters as JSON file:

$ aws-parameter-bulk get /dev/test,/dev/other --upper --outjson
{
    "PARAM1": "valueOfParam1",
    "PARAM2": "valueOfParam2",
    "PARAM3": "valueOfParam3",
    "OTHER1": "valueOfOther1",
    "OTHER2": "valueOfOther2"
}

Get Single Parameters

Reading single (non-path) SSM Parameters.

$ aws-parameter-bulk get someparam1,someparam2 --upper
SOMEPARAM1=valueOfSomeParam1
SOMEPARAM2=valueOfSomeParam2

Get Parameters Containing JSON

Reading SSM Parameters containing JSON, parsing and converting them. This also works for path parameters. Each parameter has to be json.

Assuming this is jsonparam1:

{
  "Json1a": "value1a",
  "Json1b": "value1b"
}

And jsonparam2:

{
  "JSON2a": "value2a",
  "JSON2b": "value2b"
}

This will be the output:

$ aws-parameter-bulk get jsonparam1,jsonparam2 --injson --upper
JSON1A=value1a
JSON1B=value1b
JSON2A=value2a
JSON2B=value2b

Saving From .env File To SSM Names

Takes a file in KEY=value form, and store each line as name and valie in ssm.

$ aws-parameter-bulk save .env
NAME1
NAME2

Saving From .env File To SSM Paths

Takes a file in KEY=value form, prefixes each key with the given path, and stores it in ssm.

$ aws-parameter-bulk save .env /dev/something
/dev/something/PARAM1
/dev/something/PARAM2

Saving From JSON File To SSM Paths

Using a json file as input and storing it to a path

$ aws-parameter-bulk save .env /dev/something --injson

/dev/something/key1=val1
2021-12-07T22:38:19Z INF pkg/util/awsssm.go:174 > Output: {
  Version: 1
}
/dev/something/key2=val2
2021-12-07T22:38:20Z INF pkg/util/awsssm.go:174 > Output: {
  Version: 1
}

Debugging

Add SSM_LOG_LEVEL=debug

$ SSM_LOG_LEVEL=debug aws-parameter-bulk get jsonparam1, jsonparam2 --injson --upper

Web UI

Start with parameter "web" to start a web ui on http://localhost:8888. Change the listen ip and port with the --address flag.

$ aws-parameter-bulk web

$ aws-parameter-bulk web --address :1234

AWS Setup

https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-quickstart.html

It is important that you set your region in your aws profile.

$ aws configure
AWS Access Key ID [None]: AKIAIOSFODNN7EXAMPLE
AWS Secret Access Key [None]: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
Default region name [None]: eu-central-1
Default output format [None]: json

If you have multiple profiles like this (.aws/config):

[default]
account = 11111111111
region = eu-central-1
output = json

[profile other]
account = 2222222222
region = eu-central-1
output = json
source_profile = default

You can read the SSM Parameters from the other account like this:

$ AWS_PROFILE=other aws-parameter-bulk get /dev/test
You might also like...

In game dev, generative art, and creative coding, sine is a ubiquitous function that is often used as a spring-like oscillator for a given parameter.

In game dev, generative art, and creative coding, sine is a ubiquitous function that is often used as a spring-like oscillator for a given parameter.

In game dev, generative art, and creative coding, sine is a ubiquitous function that is often used as a spring-like oscillator for a given parameter.

Feb 22, 2022

RenderIf is a function that receives a validation as a parameter, and if that validation is true, the content passed as children will be displayed. Try it!

RenderIf RenderIf is a function that receives a validation as a parameter, and if that validation is true, the content passed as children will be disp

Jul 12, 2022

An Obsidian plugin that provides commands for bulk enabling/disabling of plugins and CSS Snippets

An Obsidian plugin that provides commands for bulk enabling/disabling of plugins and CSS Snippets

An Obsidian plugin that provides commands for bulk enabling/disabling of plugins and CSS Snippets. Useful for debugging when you have many plugins or CSS snippets.

Dec 27, 2022

An obsidian plugin for uploading local images embedded in markdown to remote store and export markdown for publishing to static site.

An obsidian plugin for uploading local images embedded in markdown to remote store and export markdown for publishing to static site.

Obsidian Publish This plugin cloud upload all local images embedded in markdown to specified remote image store (support imgur only, currently) and ex

Dec 13, 2022

Find duplicate object values of your JSON files (VSCode Extension)

Find duplicate object values of your JSON files (VSCode Extension)

JASON Lint VS Code Extension Make your life easier, use this extension to defeat the horror of duplicate values from your JSON files. Very useful when

Oct 20, 2022

Vaultacks lets users store files off-chain on Gaia. Files are encrypted by default but also can be made public and shared

Vaultacks lets users store files off-chain on Gaia. Files are encrypted by default but also can be made public and shared

Vaultacks Vaultacks is built on the Stacks Chain. It lets users upload files to Gaia, a off-chain data storage system. Vaultacks currently uses the de

Sep 14, 2022

Multiple `.env` file supported.

Features Support multiple .env files and keep the inheritance Priority: local not unassigned local mode not unassigned mode e.g. .env.{{mode}}.loc

Oct 31, 2022

Infisical — Sync your .env securely in seconds.

Infisical Infisical is a simple, end-to-end encrypted secrets manager for your .env files. It enables teams to securely sync and manage .env files in

Jan 4, 2023

Loads environment variables from .env for nodejs projects.

dotenv Written in typescript, full testing. It can loads environment variables from a .env file into process.env or parse key=value string Install

Sep 23, 2022
Comments
  • Feature request: Use underscores in export for prefix path

    Feature request: Use underscores in export for prefix path

    With a SSM structure like:

    /app/foo = foo
/app/bar/foo = foo

    and using aws-parameter-bulk get /app --prefixpath --upper --export results in outputting:

    export /APP/FOO=foo
export /APP/BAR/FOO=foo

    Could this be adapted so it would replace the slashes to underscores instead like so?

    export APP_FOO=foo
export APP_BAR_FOO=foo
    opened by syphernl 2
Releases(v0.0.7)
Owner
Adam Malik
Software Developer, DevOps Engineer
Adam Malik
GitHub
Under the Sea is an official AWS workshop delivered by AWS SAs and AWS Partners to help customers and partners to learn about AIOps with serverless architectures on AWS.

Under the Sea - AIOps with Serverless Workshop Under the Sea is an exciting MMORPG developed by the famous entrepreneur behind Wild Rydes, the most po

AWS Samples 4 Nov 16, 2022
Functions for testing the types of JavaScript values, cross-realm. Has testers for all standard built-in objects/values.

@suchipi/is Functions for testing the types of JavaScript values, cross-realm. Has testers for all standard built-in objects/values. Usage import { is

Lily Skye 5 Sep 8, 2022
The repos includes script for uploading bulk files in a directory to ipfs using nft.storage

Uploading Foloder to IPFS using nft.storage This repository includes script for uploading bulk files in a directory to ipfs using nft.storage Acknowle

Dapp Composer 22 Dec 17, 2022
A robust, secure, and easily deployable image resizing service that resizes, optimizes, and caches images on "the edge," on the fly, built on AWS Serverless technologies. Served by CloudFront via an Origin Access Identity. Executed on Lambda@Edge. Backed by S3. Protected by AWS WAF. Provisioned via CloudFormation. Deployed by the AWS SAM CLI.

Image Flex A robust, secure, and easily deployable image resizing service that resizes, optimizes, and caches images on "the edge," on the fly, built

Horace Nelson 89 Dec 20, 2022
Learn Web 2.0 and Web 3.0 Development using Next.js, Typescript, AWS CDK, AWS Serverless, Ethereum and AWS Aurora Serverless

Learn Web 2.0 Cloud and Web 3.0 Development in Baby Steps In this course repo we will learn Web 2.0 cloud development using the latest state of the ar

Panacloud Multi-Cloud Internet-Scale Modern Global Apps 89 Jan 3, 2023
MerLoc is a live AWS Lambda function development and debugging tool. MerLoc allows you to run AWS Lambda functions on your local while they are still part of a flow in the AWS cloud remote.

MerLoc MerLoc is a live AWS Lambda function development and debugging tool. MerLoc allows you to run AWS Lambda functions on your local while they are

Thundra 165 Dec 21, 2022
AWS Lambda & Serverless - Developer Guide with Hands-on Labs. Develop thousands line of aws lambda functions interact to aws serverless services with real-world hands-on labs

AWS Lambda & Serverless - Developer Guide with Hands-on Labs UDEMY COURSE WITH DISCOUNTED - Step by Step Development of this Repository -> https://www

awsrun 35 Dec 17, 2022
This is a demo store built with Medusa. It is a fully functional e-commerce store that you can use to test out Medusa and we have implemented 3D swag store functionality. Swags are 3D models that can be viewed by the customer before they purchase them.

Hacktoberfest - Medusa's 3D Swag Store This is a demo store built with Medusa. It is a fully functional e-commerce store that you can use to test out

Manoj Kumar 4 Nov 21, 2022
Autocompletion, in-code secret peeking 🔎, syncing, and more, for your .env files in VSCode. 👑 From the same people who pioneered dotenv.

Dotenv Official (with Vault) for VSCode Official Dotenv. Syntax highlighting, autocompletion, in-code secret peeking, and .env file syncing with Doten

Dotenv 38 Dec 19, 2022
Some process handle JavaScript function parameter.

Function parameter handle or paremeter error control Example 1: Just checking if all arguments were passed / defined. const required = (name) => {

Md. Nazmul Islam 4 Mar 14, 2022