Easily list or export your AWS Parameter Store values.
IMPORTANT: Secrets are decrypted and displayed on the console in clear text.
Table of Contents
This step only needs to happen on first use, or when you have updated the code from this repository.
Install the Glide package manager, install the dependencies, then build the app for the current OS.
glide install
make build
The AWS CLI Tools and the various AWS SDKs already have a well-established pattern for managing credentials, so this software piggybacks on those existing patterns.
If you've already set-up the AWS CLI Tools, you can set default credentials that way.
aws configureYou can also create secondary profiles.
aws configure --profile productionBy default, pstore will use the default credentials from aws configure. If you are using multiple profiles, you can use a specific profile by passing the --profile flag.
pstore list --profile productionIf you would prefer to pass credentials manually, use the environment variables.
AWS_ACCESS_KEY_ID=AKIAJHJBEXAMPLEW7VJA \
AWS_SECRET_ACCESS_KEY=QIBAlwMNrzExampleG9iRf1ttflI0PDooExample \
AWS_DEFAULT_REGION=us-west-2 \
pstore listSee AWS CLI Configuration Variables for more information.
For all commands, you can pass an argument to the command line. This argument is the path of the Parameter Store value that you want to see. The default value is / (root/all).
pstore --profile=staging list /awesome-appAn example response looks like:
+---------------------------------------+--------------+
| Key | Value |
+---------------------------------------+--------------+
| /awesome-app/staging/environment-name | staging |
| /awesome-app/staging/project-name | awesome-app |
| /awesome-app/staging/vpc-id | vpc-abcd1234 |
+---------------------------------------+--------------+
3 results.
pstore --profile=staging cli /awesome-appAn example response looks like:
aws ssm put-parameter \
--profile staging \
--name "/awesome-app/staging/environment-name" \
--type SecureString \
--value "staging" \
--overwrite \
;
aws ssm put-parameter \
--profile staging \
--name "/awesome-app/staging/project-name" \
--type SecureString \
--value "awesome-app" \
--overwrite \
;
aws ssm put-parameter \
--profile staging \
--name "/awesome-app/staging/vpc-id" \
--type SecureString \
--value "vpc-abcd1234" \
--overwrite \
;pstore --profile=staging get /awesome-app/staging/project-nameAn example response looks like:
awesome-app
Parameter Store’s built-in searching is pretty weak. If you have a key named /awesome-app/staging/vpc-id, passing /awesome-app/ or /awesome-app/staging/ as the path parameter will return results. However, passing /awesome-app/staging/vpc will return zero results. This is because Parameter Store can only match on path fragments delimited with a / character.
pstore goes beyond this with support for filtering the results that come back from AWS on the client-side. It supports two filtering modes: substring and regular expression.
-
substring — Filtering is case-insensitive, and attempts to match partial strings in both the key name as well as the value.
--filter vpc-id
-
regular expression — RE2 expressions are supported (similar to PCRE). Attempts to match both the key name as well as the value.
--regex "(?i)vpc-[0-9a-f]{8}"
First, install the linting dependencies.
make linterror parsing regexp:
Check your regular expression. The RE2 engine in Go is very similar to the PCRE expression engine supported by PHP, JavaScript, Ruby, and Perl. You can test your regular expression with Regex Tester - Golang.
ValidationException: Parameter path: can't be prefixed with "aws" or "ssm" (case-insensitive) except global parameter name path prefixed with "aws" (case-sensitive). It should always begin with / symbol.It consists of sub-paths divided by slash symbol; each sub-path can be formed as a mix of letters, numbers and the following 3 symbols .-_
You may have tried to use a * or some other wildcard character for your <path> argument. The path argument does not support wildcards. Use --filter or --regex instead.