Accessing AWS Secrets Manager in Alpine Linux

606 views Asked by At

I am accessing AWS Secrets Manager in Alpine Linux, though I can't see a way to get a value only from secret string without installing jq resource in Linux.

I know the below command will solve but jq is not a standard utility:

aws secretsmanager get-secret-value --secret-id secrets| jq --raw-output '.SecretString' | jq -r .<KeyName>

I'm stuck at checking the below command but it would return JSON format with 3 key-value pairs:

aws secretsmanager get-secret-value --secret-id secrets --query SecretString --output text

Also one option is to use Systems Manager Parameter Store which is possible but I don't like to create them 1-by-1 like in Secrets Manager you can store username, password, URL in one secret string.

1

There are 1 answers

0
John Rotenstein On BEST ANSWER

It looks like are correct using jq, since the AWS CLI cannot interpret that field.

This is because the SecretString field on a secret is a string, which is not interpreted by the AWS CLI as a JSON object:

{
    "ARN": "arn:aws:secretsmanager:ap-southeast-2:...:secret:foo-GZPisx",
    "Name": "foo",
    "VersionId": "...",
    "SecretString": "{\"my-key\":\"my-value\"}",      <-- This is a string
    "VersionStages": [
        "AWSCURRENT"
    ],
    "CreatedDate": 1601860373.721
}