1

I am trying to copy SSM Parameters from one account to a different account and different region. I have 100's of parameters which I have imported using get-parameters-by-path.

Now I want to export them to a and different region in a different account. When I add one after the other using :

aws ssm put-parameter --cli-input-json file:///../parameters.json --region us-east-2

With parameters.json as:

    {
      "Name": "/env/../../..",
      "Type": "String",
      "Value": ".."
    }

it works without any issues, but I would like to know how I could export more than one at a time, I want them all to be loaded at once.

Here is the sample paramaters.json which does not work. It doesn't throw any error but prints the same again.

    {
      "Name": "/env/../../..",
      "Type": "String",
      "Value": ".."
    },
    {
      "Name": "/env/../../..",
      "Type": "String",
      "Value": ".."
    },
    {
      "Name": "/env/../../..",
      "Type": "String",
      "Value": " "
    }

I cannot use aws-ssm-copy because both are different regions in different accounts and I am also, modifying the imported values before exporting to the new account which is not possible with aws-ssm-copy.

reddy0969
  • 109
  • 1
  • 10
  • Why not write a bash loop to do it automatically? – Marcin Mar 31 '21 at 00:21
  • 1) That's not valid JSON format. You need to wrap all those objects in brackets [ ... ] to indicate an array. 2) If that doesn't work, @Marcin's point to bash loop might be the way to go – cisco Mar 31 '21 at 00:34
  • You'll definitely need to script this via bash using aws cli or something like Python and boto3. you can loop through the parameters from your source account and then push them to the target account using a different set of credentials – JD D Mar 31 '21 at 00:38
  • Thanks for quick responses. I agree with bash looping, but I am having hard time in building up a loop with the JSON I have, I am seeing errors in indexing. Could someone please help me with my situation. Thanks in advance. – reddy0969 Mar 31 '21 at 01:42
  • Outside of the above comments, this seems to have already been answered in python here [link](https://stackoverflow.com/questions/60329379/how-to-store-get-json-to-from-aws-parameter-store) . You can just modify that script to build a ssm client from the credentials provided from the other account. This is assuming permissions are already taken care of, etc... – Bobshark Mar 31 '21 at 02:17

0 Answers0