Skip to content

Instantly share code, notes, and snippets.

@dkgndianko

dkgndianko/aws_ssm_parameters.sh

Last active November 25, 2025 13:04
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save dkgndianko/e4b8c648c69bd7467400372d865c610e to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save dkgndianko/e4b8c648c69bd7467400372d865c610e to your computer and use it in GitHub Desktop.
Download ZIP
Manipulate AWS Parameter Store
Raw
aws_ssm_parameters.sh
#!/bin/bash
# Get a single parameter value
get_ssm_parameter_value() {
local param_name=$1
local value=$(aws ssm get-parameter \
--name "$param_name" \
--with-decryption \
--query 'Parameter.Value' \
--output text 2>/dev/null)
if [ $? -eq 0 ]; then
echo "$value"
return 0
else
return 1
fi
}
# Get all parameter values for a given prefix
get_ssm_parameter_values() {
local prefix=$1
IFS=$'\n'
local params=( $(list_ssm_parameters "$prefix") )
unset IFS
if [ -z "$params" ]; then
echo "No parameters found with prefix: $prefix"
return 1
fi
for param in $params; do
value=$(get_ssm_parameter_value "$param")
if [ $? -eq 0 ]; then
echo "$param=$value"
else
echo "$param=ERROR (could not retrieve)"
fi
done
}
# Get parameter type
get_ssm_parameter_type() {
local param_name=$1
local param_type=$(aws ssm get-parameter \
--name "$param_name" \
--query 'Parameter.Type' \
--output text 2>/dev/null)
if [ $? -eq 0 ]; then
echo "$param_type"
return 0
else
return 1
fi
}
# List all parameter names for a given prefix
list_ssm_parameters() {
local prefix=$1
# local output_format=$2
# if [ -z "$output_format" ]; then
# output_format="json"
# fi
# output_format="json"
aws ssm describe-parameters \
--parameter-filters "Key=Name,Option=BeginsWith,Values=$prefix" \
--query 'Parameters[*].Name' \
--output json | jq -r '.[]'
# aws ssm get-parameters-by-path \
# --path "$prefix" \
# --recursive \
# --query 'Parameters[*].Name' \
# --output json | jq -r '.[]'
}
# Set a parameter value
set_ssm_parameter_value() {
local param_name=$1
local param_value=$2
local param_type=${3:-"String"}
aws ssm put-parameter \
--name "$param_name" \
--value "$param_value" \
--type "$param_type" \
--overwrite \
--output text
if [ $? -eq 0 ]; then
return 0
else
return 1
fi
}
# Copy a parameter from source to destination
copy_ssm_parameter() {
local source_param=$1
local dest_param=$2
echo "Copying parameter: $source_param -> $dest_param"
# Get source parameter value
local value=$(get_ssm_parameter_value "$source_param")
if [ $? -ne 0 ]; then
echo "Error: Could not retrieve source parameter: $source_param"
return 1
fi
if [ -z "$value" ]; then
echo "Error: Source parameter is empty: $source_param"
return 2
fi
local type=$(get_ssm_parameter_type "$source_param")
# Set destination parameter
set_ssm_parameter_value "$dest_param" "$value" "$type"
if [ $? -eq 0 ]; then
echo "✓ Successfully copied parameter"
return 0
else
echo "Error: Could not set destination parameter: $dest_param"
return 1
fi
}
# Copy all parameters from a source prefix to a destination prefix
copy_all_ssm_parameters() {
local source_prefix=$1
local dest_prefix=$2
local skip_list=()
# Parse skip list if provided
if [ $# -gt 2 ]; then
shift 2
while [ $# -gt 0 ]; do
skip_list+=("$1")
shift
done
fi
echo "Copying all parameters from $source_prefix to $dest_prefix"
echo "Skipping: ${skip_list[*]}"
# skip_list=( $skip_list )
# Get all parameters from source prefix
IFS=$'\n'
local params=( $(list_ssm_parameters "$source_prefix") )
unset IFS
if [ -z "$params" ]; then
echo "No parameters found with prefix: $source_prefix"
return 1
fi
# Copy each parameter
for param in $params; do
# Extract parameter name relative to source prefix
local relative_name=${param#$source_prefix}
# Skip if this parameter is in the skip list
local skip=0
for skip_param in "${skip_list[@]}"; do
if [[ "$relative_name" == "$skip_param" ]]; then
skip=1
break
fi
done
if [[ "$skip" -eq 1 ]]; then
echo "Skipping parameter: $param"
continue
fi
# Create corresponding destination parameter name
local dest_param="$dest_prefix$relative_name"
# Copy the parameter
copy_ssm_parameter "$param" "$dest_param"
done
}
# Copy specific parameters from a source prefix to a destination prefix
copy_some_ssm_parameters() {
local source_prefix=$1
local dest_prefix=$2
local params_to_copy=()
# Parse parameters to copy
if [ $# -lt 3 ]; then
echo "Error: At least one parameter name is required"
return 1
fi
shift 2
while [ $# -gt 0 ]; do
params_to_copy+=("$1")
shift
done
echo "Copying specific parameters from $source_prefix to $dest_prefix"
echo "Parameters to copy: ${params_to_copy[*]}"
# Copy each specified parameter
for param in "${params_to_copy[@]}"; do
# Build full source parameter path
local source_param="$source_prefix$param"
# Build full destination parameter path
local dest_param="$dest_prefix$param"
# Copy the parameter
copy_ssm_parameter "$source_param" "$dest_param"
done
}
# Delete a single parameter
delete_ssm_parameter() {
local param_name=$1
echo "Deleting parameter: $param_name"
aws ssm delete-parameter --name "$param_name"
if [ $? -eq 0 ]; then
echo "✓ Successfully deleted parameter"
return 0
else
echo "Error: Could not delete parameter: $param_name"
return 1
fi
}
# Delete all parameters with a given prefix
delete_all_ssm_parameters() {
local prefix=$1
echo "Deleting all parameters with prefix: $prefix"
# Get all parameters with the specified prefix
IFS=$'\n'
local params=( $(list_ssm_parameters "$prefix") )
unset IFS
if [ -z "$params" ]; then
echo "No parameters found with prefix: $prefix"
return 1
fi
# Delete each parameter
for param in $params; do
delete_ssm_parameter "$param"
done
}
# Main script
aws_ssm_parameters() {
if [ $# -lt 2 ]; then
echo "Usage: $0 <command> [arguments]"
echo ""
echo "Commands:"
echo " list <prefix> [format] List parameters with prefix"
echo " get <parameter-name> Get a single parameter value"
echo " copy <source> <destination> Copy parameter from source to destination"
echo " copy-all <source-prefix> <dest-prefix> [skip1 skip2 ...] Copy all parameters from source prefix to destination prefix, skipping listed parameters"
echo " copy-some <source-prefix> <dest-prefix> <param1 ...> Copy specific parameters from source prefix to destination prefix"
echo " delete <parameter-name> Delete a single parameter"
echo " delete-all <prefix> Delete all parameters with a given prefix"
exit 1
fi
COMMAND=$1
case $COMMAND in
list)
if [ -z "$2" ]; then
echo "Error: prefix required"
exit 1
fi
echo "Fetching AWS Parameter Store parameters with prefix: $2"
echo "=========================================="
list_ssm_parameters "$2" "$3"
;;
get)
if [ -z "$2" ]; then
echo "Error: parameter name required"
exit 1
fi
get_ssm_parameter_value "$2"
;;
get-all)
if [ -z "$2" ]; then
echo "Error: prefix required"
exit 1
fi
get_ssm_parameter_values "$2"
;;
copy)
if [ -z "$2" ] || [ -z "$3" ]; then
echo "Error: source and destination parameters required"
exit 1
fi
copy_ssm_parameter "$2" "$3"
;;
copy-all)
if [ -z "$2" ] || [ -z "$3" ]; then
echo "Error: source and destination prefixes required"
exit 1
fi
copy_all_ssm_parameters "$2" "$3" "${@:4}"
;;
copy-some)
if [ -z "$2" ] || [ -z "$3" ]; then
echo "Error: source and destination prefixes required"
exit 1
fi
copy_some_ssm_parameters "$2" "$3" "${@:4}"
;;
delete)
if [ -z "$2" ]; then
echo "Error: parameter name required"
exit 1
fi
delete_ssm_parameter "$2"
;;
delete-all)
if [ -z "$2" ]; then
echo "Error: prefix required"
exit 1
fi
delete_all_ssm_parameters "$2"
;;
*)
echo "Error: Unknown command '$COMMAND'"
exit 1
;;
esac
}
# aws_ssm_parameters "$@"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment