Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

aws ssm get-parameter rsa key output to file

Tags:

sed

amazon-web-services

I have stored my private key file in AWS SSM Parameter store. I want to retrieve just the private key value from the parameter store and save it as an id_rsa file locally using aws cli.

This article: https://github.com/aws/aws-cli/issues/2742 shows me exactly how i can do that using sed. however I still get a character returned after "-----END RSA PRIVATE KEY-----" which i want to remove using sed.

This is my command i run on command line:

aws --region=us-east-1 ssm get-parameters --names "mykey" --with-decryption --output text 2>&1 | sed 's/.*----BEGIN/----BEGIN/'

And the output is:

----BEGIN RSA PRIVATE KEY-----
some text here
-----END RSA PRIVATE KEY-----   2

Notice the 2 in the end of the last line. I want to get rid of anything after -----END RSA PRIVATE KEY----- as well.

What do i need to add to my sed command to achieve that?

like image 953
H RH Avatar asked Jan 12 '18 12:01

H RH

People also ask

How do I get Arn of parameter in SSM?

You can locate the Amazon Resource Name (ARN) of the default key in the AWS KMS console on the AWS managed keys page. The default key is the one identified with aws/ssm in the Alias column.

Where are SSM parameters stored?

We can store these parameters in SSM, as encrypted secure strings, under a common path: /app/production/db/{DB_NAME, DB_USERNAME, DB_PASSWORD, DB_HOST} .

Are SSM parameters encrypted?

Each advanced parameter value is encrypted under a unique data key, and the data key is encrypted under a KMS key. You can use the AWS managed key for the account ( aws/ssm ) or any customer managed key.

What is the use of SSM parameters?

AWS Systems Manager Parameter Store (or SSM Parameter Store) is a convenient way to store hierarchical parameters in AWS. You can use it for any configuration values, including secure values like passwords or API keys. It integrates well with other AWS services too.

1 Answers

You can obtain the value alone using the following command:

aws --region=us-east-1 ssm get-parameter --name "mykey" --with-decryption --output text --query Parameter.Value

i.e. by selecting the value using --query Parameter.Value

You can then pipe it directly to the file without using sed.

like image 197
lexicalscope Avatar answered Sep 29 '22 07:09

lexicalscope
Sign in to Comment

Related questions

How to restart mysql server? [closed]
AWS S3 and AWS storage gateway
amazon aws sns, sms option not available?
output plain text content from Amazon API gateway endpoint
AWS Beanstalk - getting "Access denied while accessing Auto Scaling and ..." error
How to specify a ACM certificate in a specific region for a data source?
Import Postgres data into RDS using S3 and aws_s3
Wipe out EB init config
AWS DocumentDB with Robo 3T (Robomongo)
Unable to RDP to EC2 instance
Is there a way to assign a Static IP to a AWS Lambda without VPC?
IllegalLocationConstraintException on CloudFront (for S3)
Can AWS Athena update or insert data stored in S3?
Set Cache-Control HTTP Header for S3 Objects from PHP AWS SDK
Can't connect to phpmyadmin in Bitnami instance hosted by AWS
How to download a file from EC2 instance to Local Computer
Making a signed HTTP request to AWS Elasticsearch in Python
Amazon CloudSearch: Is it possible to write a query that returns... everything?
Aws cloudformation validate-template keeps giving error (Template format error)
Delete all items in a DynamoDB table using bash with both partition and sort keys

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!