Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Get value from AWS Systems Manager Parameter Store during Elastic Beanstalk deploy

Tags:

python

amazon-web-services

amazon-elastic-beanstalk

I have a database connection string stored in AWS Systems Manager Parameter Store that I want to pass to the environment variables of an Elastic Beanstalk instance. I don't want to commit it to source code nor have to rely on the deployer setting the values on deploy or doing it manually via the web console.

I have tried Dynamic References like {{resolve:ssm:DATABASE_CONNECTION_STRING:1}} (with and without back ticks) which work in CloudFormation stacks but not Elastic Beanstalk config.

I have tried using container_commands like

export DATABASE_CONNECTION_STRING=`aws ssm get-parameter --name DATABASE_CONNECTION_STRING --region eu-west-1 --query Parameter.Value --output text

but the Elastic Beanstalk instance does not have the right permissions and I'm unsure how to set them.

I have tried creating a file from the contents of an S3 file using files: and source: but get errors.

Ideally Dynamic References would work e.g. .ebextensions/env.config =>

OptionSettings:
  aws:elasticbeanstalk:application:environment:
    DATABASE_CONNECTION_STRING: {{resolve:ssm:ANNOTATOR_DATABASE_CONNECTION_STRING:1}}
like image 408
Paul Watson Avatar asked Mar 20 '20 15:03

Paul Watson

People also ask

How do you find the value of parameter store?

To read a value from the Systems Manager parameter store at synthesis time, use the valueFromLookup method (Python: value_from_lookup ). This method returns the actual value of the parameter as a Runtime context value. If the value is not already cached in cdk.

What is the difference between parameter store and secrets manager?

Parameter Store only allows one version of the parameter to be active at any given time. Secrets Manager, on the other hand, allows multiple versions to exist at the same time when you are performing a secret rotation. Secrets Manager distinguishes between different versions by the staging labels.

Video Answer

1 Answers

I was able to get this working by creating the file .ebextensions/options.config with the contents:

option_settings:
  aws:elasticbeanstalk:application:environment:
    ENCRYPT_CERT: '{{resolve:ssm:SOA_ENCRYPT_CERT:1}}'
    ENCRYPT_KEY: '{{resolve:ssm:SOA_ENCRYPT_KEY:1}}'
like image 162
gregdev Avatar answered Sep 23 '22 09:09

gregdev
Sign in to Comment

Related questions

Pytorch: can we use nn.Module layers directly in forward() function?
How to correctly handle cancelled tasks in Python's `asyncio.gather`
Why use a double square bracket in Pandas?
pivot a dataframe by diagonals
How to accumulate gradients in tensorflow 2.0?
Sphinx's autodoc's automodule having apparently no effect
How to inverse a DFT with magnitude with opencv python
How does Python / pip handle conflicting transitive dependencies?
how to switch download directory using selenium / firefox / python?
Create a numba typed List without looping over a python list
OpenCV - How to use floodFill with RGB image?
Is "from ... import ..." sometimes required and plain "import ..." not always working? Why?
Import Error: Symbol not found: _futimens with PyQT5 in macOS Sierra 10.12.6
Matplotlib bar chart negative values below x-axis
Complex polar plot in matplotlib
Setting dynamic folder and report name in pytest
How can I use a Keras trained model saved in a HDF5 file to make predictions?
How do I SELECT WHERE IN VALUES with tuples in Python sqlite3?
finding the count of number of sub arrays of size K whose sum is divisible by M?
Kernel error after updating Spyder in anaconda [duplicate]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!