Skip to content
/ awsconfctl Public

This tool helps working with AWS System Manager Parameters or Secrets Manager

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sarmad-abualkaz/awsconfctl

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
aws
aws
 
 
cmd
cmd
 
 
config
config
 
 
yaml/unmarshal
yaml/unmarshal
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

awsconfctl

awsconfctl is a command line tool to work with a couple of AWS configuration services (Systems Manager Parameters or Secrets Manager).

Installation

DIY build

For go 1.12 and higher:

git clone https://github.com/sarmad-abualkaz/awsconfctl.git

go build

Usage

Note: this tool expects to find AWS credentials (Access Key and Secret Key) in ~/.aws/credentials.

As it stands this tool can perform the following sub-commands:

List SSM (System Manager) Parameters

Lists a group of AWS SSM parameters containing a specific string pattern.

exmaple: awsconfctl ssm-list-params --contains <string>

Optional flags:

  • --region <aws-region> to specify AWS Region (can also be passed via environment variable or through AWS_REGION=<aws-region>) (defaults to us-east-1).

  • --profile <aws-profile> to specify AWS Profile (defaults to dev).

  • --maxRes <integer> to specifiy the maximum result if required to limit output.

Get SSM Parameter Value

Retreives the value of an AWS SSM parameters by specifying the name of parameter.

awsconfctl ssm-get-value --name <parameter-name>

Optional flags:

  • --region <aws-region> to specify AWS Region (can also be passed via environment variable or through AWS_REGION=<aws-region>) (defaults to us-east-1).

  • --profile <aws-profile> to specify AWS Profile (defaults to dev).

List AWS Secrets (Secrets Manager)

Lists a group of AWS Secrets containing a specific string pattern.

awsconfctl sm-list-secrets --contains <name>

Optional flags:

  • --region <aws-region> to specify AWS Region (can also be passed via environment variable or through AWS_REGION=<aws-region>) (defaults to us-east-1).

  • --profile <aws-profile> to specify AWS Profile (defaults to dev).

  • --maxRes <integer> to specifiy the maximum result if required to limit output.

Get AWS Secret Value

Retreives the value of an AWS Secrets by specifying the name of a secret.

awsconfctl sm-get-secret-value --name <secret-name/alias>

Optional flags:

  • --region <aws-region> to specify AWS Region (can also be passed via environment variable or through AWS_REGION=<aws-region>) (defaults to us-east-1).

  • --profile <aws-profile> to specify AWS Profile (defaults to dev).

Apply (for updates or creations of configs)

This deals with both AWS SSM parameters or AWS Secrets and attempts to either update or create new configurations (parameters or secrets).

How to use

awsconfctl apply -f <file-path>

Optional flags:

  • --region <aws-region> to specify AWS Region (can also be passed via environment variable or through AWS_REGION=<aws-region>) (defaults to us-east-1).

  • --profile <aws-profile> to specify AWS Profile (defaults to dev).

Expected YAML schema

For dealing with AWS SSM parameters the example below provides a good YAML sample:

configSetup:
  configType: systemManager
  params:
  - key: foo-param
    value: foo-vale
    type: string
  - key: bar-param
    value: bar-value
    type: secureString (optional)
    KMSKey: <kms-key-id> (required if secureString is the type)
  - ...

For dealing with AWS Secrets the example below provides a good YAML sample:

configSetup:
  configType: secretsManager
  params:
  - key: foo-secret
    value: foo-vale
    KMSKey: <kms-key-id>
  - key: bar-secret
    value: bar-value
    KMSKey: <kms-key-id>
  - ...

Delete (for removal of configs)

This deals with both AWS SSM parameters or AWS Secrets and remove configurations as a result (parameters or secrets).

How to use

awsconfctl delete -f <file-path>

Optional flags:

  • --region <aws-region> to specify AWS Region (can also be passed via environment variable or through AWS_REGION=<aws-region>) (defaults to us-east-1).

  • --profile <aws-profile> to specify AWS Profile (defaults to dev).

  • --deleteForGood or -d (boolean) special flag for dealing with AWS Secrets only to remove a secret without a recovery window (defaults to false).

  • --recWindow (int) special flag for dealing with AWS Secrets only to setup a recovery window (Note this defaults to 7and will need to be set to 0 when passing -d/ --deleteForGood to true

Expected YAML schema

For dealing with AWS SSM parameters the example below provides a good YAML sample:

configSetup:
  configType: systemManager
  params:
  - key: foo-param
    value: foo-vale
    type: string
  - key: bar-param
    value: bar-value
    type: secureString (optional)
    KMSKey: <kms-key-id> (required if secureString is the type)
  - ...

For dealing with AWS Secrets the example below provides a good YAML sample:

configSetup:
  configType: secretsManager
  params:
  - key: foo-secret
    value: foo-vale
    KMSKey: <kms-key-id>
  - key: bar-secret
    value: bar-value
    KMSKey: <kms-key-id>
  - ...

About

This tool helps working with AWS System Manager Parameters or Secrets Manager

Topics

cli aws ssm cobra-library secretmanager

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages