Pipe file directly to AWS SSM parameter store?

Question

Just curious on how do i pipe file directly to aws ssm parameter store? e.g.

# Put into ssm parameter store
cat my_github_private.key | aws ssm put-parameter --region ap-southeast-1 --name MY_GITHUB_PRIVATE_KEY --type SecureString --key-id alias/aws/ssm --value ??? 
# And read it back 
aws ssm get-parameter --region ap-southeast-1 --name MY_GITHUB_PRIVATE_KEY --with-decryption --query Parameter.Value --output text > my_github_private.key.1
# Two should be identical
diff my_github_private.key my_github_private.key.1

Answer 1

Rather than taking the value from stdin can you directly add to the command line arguments?

aws ssm put-parameter \
    --region ap-southeast-1 \
    --name MY_GITHUB_PRIVATE_KEY \
    --type SecureString \
    --key-id alias/aws/ssm \
    --value file://my_github_private.key

Note: --value "$(cat my_github_private.key)" also works

Answer 2

IF you are using terraform:

data "local_file" "yourkeyfile" {
    filename = "keys/yourkey.pem"
}
resource "aws_ssm_parameter" "aresource-name-for-your-key" {
  name  = "/the/ssm/key"
  type  = "SecureString"
  value = "${data.local_file.yourkeyfile.content}"
}

Remember to crypt yourkey.pem for example using blackbox