Reputation: 3475
How to export parameters from aws parameter store and import into another account
on my first aws account I have parameters specified in the following manner:
/config/a => value1
/config/b => value2
/config/c/a => value31
/config/c/b => value32
I want to move these to my second aws account.
I created these parameters in the parameter store manually.
How could I easily copy these values from one account to the other?
Using aws ssm get-parameters --names "<param-name>" would be a bit too difficult, since I have way too many parameters.
Upvotes: 18
Views: 19054
Answers (8)
Reputation: 1160
This Go utility might be of help: https://github.com/b-b3rn4rd/json2ssm.
Make sure to set your AWS_PROFILE pointing to a profile in ~/.aws/config which includes the region where your parameter store is located.
To export you can run:
json2ssm get-json --path=/ > parameters.json
To import you can run:
json2ssm put-json --json-file=parameters.json
Upvotes: 0
Reputation: 826
You can try something like this:
$source_path=""
$source_region=""
$destination_path=""
$destination_region=""
aws_output=$(aws ssm get-parameters-by-path \
--path "$source_path" \
--with-decryption \
--recursive \
--query "Parameters[*].[Name, Type, Value]" \
--output json \
--region "$source_region")
echo "$aws_output" | jq -r '.[] | [.[0], .[1], .[2]] | @tsv' | while IFS=$'\t' read -r full_source_path type value; do
full_destination_path="${full_source_path/$source_path/$destination_path}"
if [ "$dry_run" = true ]; then
echo "[Dry run] Copying: $full_source_path -($type)-> $full_destination_path"
else
echo "[Dry run] Copying: $full_source_path -($type)-> $full_destination_path"
aws ssm put-parameter \
--name "$full_destination_path" \
--value "$value" \
--type "$type" \
--region "$destination_region"
fi
done
Or full version here: https://gist.github.com/johnymachine/15fd9d4b7c5fdf51165258962e52488d
Upvotes: 1
Reputation: 2314
Using following cmd you can easily get Name and values of parameters store.
$ aws ssm get-parameters-by-path --path "/" --recursive --query="Parameters[*].[Name, Value]" --output json>parameters.json
Upvotes: 4
Reputation: 71
well I know it is has been a year but, for people who are still trying to figure out here is the detailed solution,
So you need to run following command to fetch all the parameters in your current region:
aws ssm get-parameters-by-path --path "/" --recursive --with-decryption --region eu-west-2
you will get a JSON formatted response. Just copy the response and paste it into a file (*.txt file then rename it to *.json). You have your JSON file with all the current parameters
I published that code into a git repository here. Just clone that repository after cloning add your desired region here :
const ssm = new AWS.SSM({
apiVersion: '2014-11-06';,
region: 'eu-west-2'; // add your destination region here.
});
and your json file here: const { Parameters } = await require('<YOUR JSON FILE>.json');
Then Install npm packages by running command npm install and run the script by command npm start
Upvotes: 3
Reputation: 5154
Here is my version that outputs all parameters' Name, Type and Value in a TSV (tab-separated values) format:
aws ssm get-parameters-by-path --path "/" --recursive --query="Parameters[*].[Name, Type, Value]" --output text
Example response:
/prod/aaa String xxx
/prod/bbb String yyy
/prod/ccc String zzz
Upvotes: 8
Reputation: 422
I created a utility which does exactly what you want:
pip install aws-ssm-copy
aws-ssm-copy --dry-run --source-profile <source> --recursive /
Checkout the aws-ssm-copy utility and blog for more details.
Upvotes: 8
Reputation: 3475
- Retrieve all parameters via
aws ssm get-parameters-by-path --path "/relative/path/" --recursive - Write the resulting JSON somewhere down - e.g. into a file
- Prepare put commands e.g. with JS
for (const value of params.Parameters) {
const { Name, Value } = value;
console.log(`aws ssm put-parameter --name "${Name}" --value "${Value}" --type "String"`);
}
Upvotes: 17
Reputation: 2365
May be get-parameters-by-path suits here:
aws ssm get-parameters-by-path --path "/" --recursive
https://docs.aws.amazon.com/cli/latest/reference/ssm/get-parameters-by-path.html#synopsis
Upvotes: 5
Related Questions
- List all parameters in AWS SSM Parameter Store
- Unable to fetch paramters (Param Value) from parameter store for this account
- Using SSM Parameter store in AWS Elastic Beanstalk
- Cross account access to SSM parameters
- How to store password in AWS Parameter Store
- How to migrate parameter store data to other Region / AWS Account
- aws cli describe-parameters ( SSM )
- About public parameters in AWS Parameter Store
- AWS SSM get-parameter-by-path Manipulate JSON
- Access SSM parameters from parameter store