Export AWS SSM Parameter Store as Environment Variables with Bash

Diego CornejoDiego Cornejo
3 min read

Table of contents

1. Add parameters to AWS System Manager

aws ssm put-parameter --name "/my-app/my-param-name" --value "my-param-value" --type "String"

Replace "/my-app/my-param-name" with the desired path and name for the parameter. Note that the path must begin with a forward slash (/) and can include multiple levels separated by forward slashes. Also, if the path does not exist, the put-parameter command will create it automatically.

Make sure you have permission to create parameters in the SSM parameter store, and specify any necessary additional parameters like --region or --profile.

2. Create the bash script

The script sets some parameters like APP, SERVICE, ENVIRONMENT, and REGION. These variables are used to construct the SSM path to retrieve the parameters.

The script uses the aws ssm get-parameters-by-path command to retrieve all SSM parameter names under the given path. Then, it loops through each parameter and exports it as an environment variable. The script also appends the export statements to the ~/.bashrc file so that they persist on future logins.

Finally, the script reloads the ~/.bashrc file with the source command.

Create a file for the script

nano export-ssm-params.sh
#or
vim export-ssm-params.sh

Copy/paste the following code.

Here's the script:

#!/bin/bash

# This script will export all SSM parameters under a given path as environment variables
# It will also append the export statements to the ~/.bashrc file so that they are available on future logins

# Set some parameters
APP="myapp"
SERVICE="api"
ENVIRONMENT="production"
REGION="us-east-1"

# Set the SSM path
SSM_PATH="/$APP/$SERVICE/$ENVIRONMENT"

# Get all SSM parameter names under the given path
SSM_PARAMETER_NAMES=$(aws ssm get-parameters-by-path \
  --region $REGION \
  --path "$SSM_PATH" \
  --recursive \
  --with-decryption \
  --query 'Parameters[].Name' \
  --output text)

# Loop through each parameter and export it as an environment variable
for name in $SSM_PARAMETER_NAMES; do
  value=$(aws ssm get-parameter \
    --region $REGION \
    --name $name \
    --with-decryption \
    --query 'Parameter.Value' \
    --output text)
  if [ ! -z "$name" ] && [ ! -z "$value" ]; then
    name=$(echo $name | awk -F/ '{print toupper($NF)}')
    export "$name"="$value"
    echo "Exported variable: $name=$value"
    echo "export $name=$value" >> ~/.bashrc
  fi
done

# Reload the bashrc file
source ~/.bashrc

3. How to Run the Script

To use this script, you need to have the AWS client (awscli) installed and configured to authenticate to an AWS account. Then, simply execute the script with Bash in a terminal.

You can save the script in a file with .sh extension, for example export-ssm-params.sh. 

nano export-ssm-params.sh
#or
vim export-ssm-params.sh

Don't forget add execution permission

chmod +x export-ssm-params.sh

Now you can run the script with the following command:

bash export-ssm-params.sh
#or
./export-ssm-params.sh

Conclusion

In summary, this bash script is useful to export AWS Systems Manager parameters as environment variables. This can be helpful in different situations, for example, to avoid the need to repeatedly call the AWS API to get the parameter values.

Additionally, the script also adds the export statements to the ~/.bashrc file, meaning that the environment variables will be available in future Bash terminal sessions.

0
Subscribe to my newsletter

Read articles from Diego Cornejo directly inside your inbox. Subscribe to the newsletter, and don't miss out.

AWSssmEnvironment variablessystem manager

Written by

Diego Cornejo
Diego Cornejo