Skip to content

Instantly share code, notes, and snippets.

@satnami

satnami/aws_ssm_env.sh

Last active September 29, 2020 12:42
Show Gist options
  • Save satnami/7c8b894138d138e55500c53b8a3e8515 to your computer and use it in GitHub Desktop.
Save satnami/7c8b894138d138e55500c53b8a3e8515 to your computer and use it in GitHub Desktop.
Download ZIP
AWS SSM Parameter Store to Environment Variables
Raw
aws_ssm_env.sh
#!/bin/sh
# Usage:
# eval $(/dir/to/file/aws_ssm_env.sh PRODUCTION/POSTGRES)
# PRODUCTION/POSTGRES can be changed to the need path, and the script will truncate that path
# AWS Systems Manager -> Parameter Store will be stored like this
# /PRODUCTION/POSTGRES/POSTGRES_DATABASE_HOST = 10.10.10.10
# /PRODUCTION/POSTGRES/POSTGRES_DATABASE_PORT = 0000
PARAMETER_PATH=$1
ROLE=$(curl http://169.254.169.254/latest/meta-data/iam/security-credentials)
CRED=$(curl http://169.254.169.254/latest/meta-data/iam/security-credentials/$ROLE)
# export AWS_ACCESS_KEY_ID=$(echo $CRED | jq -r '.AccessKeyId')
# export AWS_SECRET_ACCESS_KEY=$(echo $CRED | jq -r '.SecretAccessKey')
# export AWS_SESSION_TOKEN=$(echo $CRED | jq -r '.Token')
PARAMETERS_PATH=$(AWS_ACCESS_KEY_ID=$(echo $CRED | jq -r '.AccessKeyId') AWS_SECRET_ACCESS_KEY=$(echo $CRED | jq -r '.SecretAccessKey') AWS_SESSION_TOKEN=$(echo $CRED | jq -r '.Token') aws ssm get-parameters-by-path --with-decryption --path /$PARAMETER_PATH | sed -e "s~/$PARAMETER_PATH/~~")
echo $(jq -r '.Parameters| .[] | "export " + .Name + "=" + .Value + ""' <<< $PARAMETERS_PATH)
Raw
ec2-role-inline-policy
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Effect": "Allow",
"Action": [
"ssm:GetParametersByPath",
"ssm:GetParameters",
"ssm:GetParameter"
],
"Resource": "*"
}
]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment