Just curious on how do i pipe file directly to aws ssm parameter store? e.g.
# Put into ssm parameter store
cat my_github_private.key | aws ssm put-parameter --region ap-southeast-1 --name MY_GITHUB_PRIVATE_KEY --type SecureString --key-id alias/aws/ssm --value ???
# And read it back
aws ssm get-parameter --region ap-southeast-1 --name MY_GITHUB_PRIVATE_KEY --with-decryption --query Parameter.Value --output text > my_github_private.key.1
# Two should be identical
diff my_github_private.key my_github_private.key.1
Rather than taking the value from stdin
can you directly add to the command line arguments?
aws ssm put-parameter \
--region ap-southeast-1 \
--name MY_GITHUB_PRIVATE_KEY \
--type SecureString \
--key-id alias/aws/ssm \
--value file://my_github_private.key
Note: --value "$(cat my_github_private.key)"
also works
IF you are using terraform:
data "local_file" "yourkeyfile" {
filename = "keys/yourkey.pem"
}
resource "aws_ssm_parameter" "aresource-name-for-your-key" {
name = "/the/ssm/key"
type = "SecureString"
value = "${data.local_file.yourkeyfile.content}"
}
Remember to crypt yourkey.pem for example using blackbox
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With