Skip to content
/ aws-parameter-syncer Public

Keep things in sync with AWS parameter store parameters

License

MIT license
1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Signiant/aws-parameter-syncer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
parameter_sync.py
parameter_sync.py
 
 
parameter_sync.sh
parameter_sync.sh
 
 

Repository files navigation

aws-parameter-syncer

Keep file contents in sync with matching parameters in AWS Parameter Store

Variables

  • VERBOSE - enable more logging if set to 1
  • UMASK - optional UMASK value to use for files created
  • FREQUENCY - How often to check for changes (in seconds). Default is 300 seconds (5 minutes).
  • AWS_ACCESS_KEY_ID - The AWS Access Key Id value
  • AWS_SECRET_ACCESS_KEY - The AWS Secret Access Key value
  • AWS_REGION - AWS Region to search (defaults to us-east-1)
  • PARAM_PREFIX - The prefix for the parameters to keep in sync
    • resulting filenames will be the parameter name minus the PARAM_PREFIX
    • eg. Following parameters in parameter store: TESTING_param1.txt, TESTING_param2.conf
      • export PARAM_PREFIX=TESTING_
      • TESTING_param1.txt will be compared against param1.txt
      • TESTING_param2.conf will be compared against param2.conf
  • SAVE_AWS_CREDS - List of tuples (filename, profile name) to save AWS Credentials to (saved to credentials dir)
    • value should be space separated list, e.g. aws_cli_credentials default aws_boto_credentials prod
    • if a space is required in the profile name, e.g. profile prod, substitute # for a space, e.g. profile#prod

The docker container exposes /credentials as a volume - this can be shared with other containers or mounted to the local file system

Example Docker runs

This example checks AWS Parameter Store in the default us-east-1 region every 600 seconds (10 minutes) for parameters containing 'TESTING_'. The credentials in AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are used to access the AWS Parameter Store. The parameter values will be checked against files in the local folder 'credentials-dir' which is mounted into the container at '/credentials'. The credentials used to access the AWS Parameter Store will be saved to /credentials/aws_cli_credentials file with a profile name of 'default' and no (default) region specified.

docker run -d -e "FREQUENCY=600" \
 -e "VERBOSE=1" \
 -e "AWS_ACCESS_KEY_ID=MY_ACCESS_KEY_ID" \
 -e "AWS_SECRET_ACCESS_KEY=MY_SECRET_KEY" \
 -e "PARAM_PREFIX=TESTING_" \
 -e "SAVE_AWS_CREDS="aws_cli_credentials default None" \
 -v credentials-dir:/credentials \
 signiant/aws-parameter-syncer

This example checks AWS Parameter Store in the us-west-2 region every 120 seconds (2 minutes) for parameters containing 'TESTING_'. The credentials in AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are used to access the AWS Parameter Store. The parameter values will be checked against files in the container volume '/credentials' which is NOT mounted locally. This volume could be shared with other containers if desired.

docker run -d -e "FREQUENCY=120" \
 -e "AWS_ACCESS_KEY_ID=MY_ACCESS_KEY_ID" \
 -e "AWS_SECRET_ACCESS_KEY=MY_SECRET_KEY" \
 -e "AWS_REGION=us-west-2"
 -e "PARAM_PREFIX=TESTING_" \
 signiant/aws-parameter-syncer

About

Keep things in sync with AWS parameter store parameters

Topics

aws hacktoberfest

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

1 star

Watchers

5 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages