bwits / ssm_parameter_store Goto Github PK
View Code? Open in Web Editor NEW[Abandoned] ansible module to manage key/value in aws parameter store
License: GNU General Public License v3.0
[Abandoned] ansible module to manage key/value in aws parameter store
License: GNU General Public License v3.0
looks like, with calling client.put_parameter, if you passed KeyId='aws/ssm', you will get InvalidKeyId
so in the case without key_id option or key_id is set 'aws/ssm', KeyId can't be present when making put_parameter call.
Hey Bill,
Thanks so much for not only open sourcing your efforts here, but also for taking the time to submit them upstream to Ansible. Turned my few-day PoC for secrets in SSM Parameter Store into a few-hour project.
Would you have any interest in implementing a recursive GET for parameters occupying a given path, delivered as a dictionary? It's unclear to me from the API documentation whether GetParametersByPath will deliver a mix of String and SecureString values, or error if unencrypted values are encountered (in which case this would need to be a DescribeParameters -> GetParameter loop). I'd suspect the former.
The use case for me is wanting a full tree of envvars in /environ/project/env/
deployed with each Ansible run rather than needing to advance a Jinja2 template through environments where the key existing in Parameter Store is unreliable.
I'm happy to implement this if you don't see any pitfalls and would consider this project rather than Ansible, the proper place to send a PR. Thanks!
This "show" option is better than lookup, as lookup only works with the current region.
Hello,
I'm trying to use the example to create a parameter:
- name: Create or update key/value pair in aws parameter store
ssm_parameter_store:
name: "Hello"
description: "This is your first key"
value: "World"
It results in this:
Traceback (most recent call last):
File "/tmp/ansible_i50RV5/ansible_module_ssm_parameter_store.py", line 221, in <module>
main()
File "/tmp/ansible_i50RV5/ansible_module_ssm_parameter_store.py", line 210, in main
except botocore.exceptions.NoCredentialsError as e:
NameError: global name 'botocore' is not defined
fatal: [localhost]: FAILED! => {
"changed": false,
"failed": true,
"module_stderr": "Traceback (most recent call last):\n File \"/tmp/ansible_i50RV5/ansible_module_ssm_parameter_store.py\", line 221, in <module>\n main()\n File \"/tmp/ansible_i50RV5/ansible_module_ssm_parameter_store.py\", line 210, in main\n except botocore.exceptions.NoCredentialsError as e:\nNameError: global name 'botocore' is not defined\n",
"module_stdout": "",
"msg": "MODULE FAILURE",
"rc": 0
}
Strange thing that lookups work!
- name: Parameters can be provided after the key be more specific about what to retrieve
debug: msg='key contains {{item}}'
with_ssm:
- '/UAT'
- 'region=ap-southeast-2'
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.