3

I have a bunch of secrets (key/value) pairs stored in AWS Secrets Manager. I tried to parse the secrets using jq as:

aws secretsmanager get-secret-value --secret-id <secret_bucket_name> | jq --raw-output '.SecretString' | jq -r .PASSWORD

It retrieves the value stored in .PASSWORD, but the problem is I not only want to retrieve the value stored in key but also want to retrieve the key/value in the following manner:

KEY_1="1234" KEY_2="0000" . . . so on...

By running the above command I am not able to parse in this format and also for every key/value I have to run this command many times which is tedious. Am I doing something wrong or is there a better way of doing this?

Improve this question

2 Answers 2

Reset to default
7

This isn't related to python, but more related to behaviour of aws cli and jq. I come up with something like this.

aws secretsmanager get-secret-value --secret-id <secret_name> --output text --query SecretString | jq ".[]"

There are literally hundred different ways to format something like this.

aws cli itself has lot of options to filter output using --query option https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-output.html

Exact conversion you are looking for would require somwthing like this:

aws secretsmanager get-secret-value --secret-id <secret_name> --output text --query SecretString \ | jq -r 'to_entries[] | [.key, "=", "\"", .value, "\"" ] | @tsv' \ | tr -d "\t"

There has to be some better way of doing this!!

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

I need the values to be printed as it is they're stored in AWS secrets manager. This command is working but it is putting an extra "" quotation marks. Example: Stored value in secrets manager is something like this... KEY_1 "XXXX" but when running this command it is giving output like this... KEY_1=""XXXX"" How to avoid these extra quotation marks?
You can remove additional quotes "\"" I added to command and keep it just [.key, "=", .value ]
3

Try the snippet below. I tend to put these little helper filters into their own shell function <3

tokv() { jq -r 'to_entries|map("\(.key|ascii_upcase)=\"\(.value|tostring)\"")|.[]' } $ echo '{"foo":"bar","baz":"fee"}' | tokv FOO="bar" BAZ="fee"
Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.