Skip to content
Advertisement

Retrieve secrets from AWS Secrets Manager

I have a bunch of secrets (key/value) pairs stored in AWS Secrets Manager. I tried to parse the secrets using jq as:

aws secretsmanager get-secret-value --secret-id <secret_bucket_name> | jq --raw-output '.SecretString' | jq -r .PASSWORD

It retrieves the value stored in .PASSWORD, but the problem is I not only want to retrieve the value stored in key but also want to retrieve the key/value in the following manner:

KEY_1="1234"
KEY_2="0000"
.
.
.
so on...

By running the above command I am not able to parse in this format and also for every key/value I have to run this command many times which is tedious. Am I doing something wrong or is there a better way of doing this?

Advertisement

Answer

This isn’t related to python, but more related to behaviour of aws cli and jq. I come up with something like this.

aws secretsmanager get-secret-value --secret-id <secret_name> --output text --query SecretString | jq ".[]"

There are literally hundred different ways to format something like this.

aws cli itself has lot of options to filter output using --query option https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-output.html

Exact conversion you are looking for would require somwthing like this:

aws secretsmanager get-secret-value --secret-id <secret_name> --output text --query SecretString 
 | jq  -r 'to_entries[] | [.key, "=", """, .value, """ ] | @tsv' 
 | tr -d "t"

There has to be some better way of doing this!!

User contributions licensed under: CC BY-SA
2 People found this is helpful
Advertisement