Retrieve secrets from AWS Secrets Manager

Question

I have a bunch of secrets (key/value) pairs stored in AWS Secrets Manager. I tried to parse the secrets using jq as:

aws secretsmanager get-secret-value --secret-id <secret_bucket_name> | jq --raw-output '.SecretString' | jq -r .PASSWORD

It retrieves the value stored in .PASSWORD, but the problem is I not only want to retrieve the value stored in key but also want to retrieve the key/value in the following manner:

KEY_1="1234"
KEY_2="0000"
.
.
.
so on...

By running the above command I am not able to parse in this format and also for every key/value I have to run this command many times which is tedious. Am I doing something wrong or is there a better way of doing this?

Answer 1

This isn't related to python, but more related to behaviour of aws cli and jq. I come up with something like this.

aws secretsmanager get-secret-value --secret-id <secret_name> --output text --query SecretString | jq ".[]"

There are literally hundred different ways to format something like this.

aws cli itself has lot of options to filter output using --query option https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-output.html

Exact conversion you are looking for would require somwthing like this:

aws secretsmanager get-secret-value --secret-id <secret_name> --output text --query SecretString \
 | jq  -r 'to_entries[] | [.key, "=", "\"", .value, "\"" ] | @tsv' \
 | tr -d "\t"

There has to be some better way of doing this!!

Answer 2

Try the snippet below. I tend to put these little helper filters into their own shell function <3

tokv() {
  jq -r 'to_entries|map("\(.key|ascii_upcase)=\"\(.value|tostring)\"")|.[]'
}

$ echo '{"foo":"bar","baz":"fee"}' | tokv
FOO="bar"
BAZ="fee"