Replace variable in AWS cli to update secret manager password

Question

I am newbie in AWS world. I would like to update the secret credentials from aws cli. Below command works perfect for me:

aws secretsmanager update-secret --secret-id mysecret --region us-east-1 \
--secret-string '{"username":"anika","password":"mypwd"}'

But if I pass a variable $serverPwd it does not replace the variable $serverPwd=mypwd

aws secretsmanager update-secret --secret-id mysecret --region us-east-1 \
--secret-string '{"username":"anika","password":"$serverPwd"}

Any thoughts how to pass variable?

st_rt_dl_8 · Accepted Answer · 2021-03-25T03:19:42.723

3

The problem is not with aws-cli but with the way the variable is being parsed. Try this: aws secretsmanager update-secret --secret-id mysecret --region us-east-1 --secret-string '{"username":"anika","password":"'"$serverPwd"'"}'

This will allow the variable expansion properly.

edited Mar 25 '21 at 03:19

answered Mar 25 '21 at 01:49

st_rt_dl_8

317
2
11

score 0 · Answer 2 · answered Mar 23 '21 at 21:52

AWS CLI commands support the ability to accept all of the parameter input from a file using the --cli-input-json and --cli-input-yaml parameters. as the following:

generate a template formatted in JSON

aws secretsmanager update-secret --generate-cli-skeleton input > secretsmanage.json
edit secretsmanage.json and provide values for the parameters you need and remove parameters you do not need.
run aws secretsmanager update-secret using --cli-input-json parameter like the following:

aws secretsmanager update-secret --cli-input-json file://secretsmanage.json

Replace variable in AWS cli to update secret manager password

2 Answers2