Menu
Alright, so I'm trying to programmatically store my Serverless generated API endpoint in parameter store for another project to ingest.
Just for an example, I'm going to try to store google.com.
aws ssm put-parameter --name /dev/someStore --value https://google.com --type String
This fails, understandably so.
Error parsing parameter '--value': Unable to retrieve https://google.com: received non 200 status code of 301
However, if I wrap the URL in quotes...
aws ssm put-parameter --name /dev/someStore --value "https://google.com" --type String
It still fails with the same error. Is there any way to stop the cli from trying to evaluate the URL and just save the goddamn string?
502
We can store these parameters in SSM, as encrypted secure strings, under a common path: /app/production/db/{DB_NAME, DB_USERNAME, DB_PASSWORD, DB_HOST} .
Parameter Store only allows one version of the parameter to be active at any given time. Secrets Manager, on the other hand, allows multiple versions to exist at the same time when you are performing a secret rotation. Secrets Manager distinguishes between different versions by the staging labels.
By default AWS CLI follows any string parameters that start with https:// or http://. These URLs are fetched, and the downloaded content is used as the parameter instead of URL.
To make CLI not treat strings prefixed with https:// or http:// any differently than normal string parameters run:
aws configure set cli_follow_urlparam false
cli_follow_urlparam controls whether or not the CLI will attempt to follow URL links in parameters that start with either prefix https:// or http://.
See https://docs.aws.amazon.com/cli/latest/topic/config-vars.html
Problem:
aws ssm put-parameter --name /config/application/some-url --value http://google.com --type String --region eu-central-1 --overwrite
Error parsing parameter '--value': Unable to retrieve http://google.com: received non 200 status code of 301
Solution:
aws configure set cli_follow_urlparam false
aws ssm put-parameter --name /config/application/some-url --value http://google.com --type String --region eu-central-1 --overwrite
{
"Version": 1
}
This is happening because of a questionable behavior by awscli v1. When it sees a URL, it invokes an HTTP GET for a result. This does not happen in awscli v2.
You can work around this behavior as follows:
aws ssm put-parameter --cli-input-json '{
"Name": "/dev/someStore",
"Value": "https://google.com",
"Type": "String"
}'
Or you can store the JSON in a file named params.json and invoke:
aws ssm put-parameter --cli-input-json file://params.json
The underlying issue was reported at aws/aws-cli/issues/2507.
17
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
