ParameterStore Content Management CLI

This librarycontains tools to fetch, update and delete parameters from the store.

Actions

Fetch

This action allows you to retrieve an entire environment from the parameter store and outputs a JSON file with the contents.

$3

npx @makemydeal/dr-paramstore-config-mgmt-utils fetch -e {env} -f {filespec}

$3

| Parameter | Switch | Required | Description
| --- | --- | --- | ---
| env | --env or -e | Yes | The environment to write to
| file | --file or -f | Yes | The JSON file to write to
| region | --region or -r | No | The region [us-east-1]
| seure | --secure or -s | No | Retrieve only the props that are secure, with a value of 'true' for each prop (create the config-secure.json file)

Update

This action allows you to write an entire environment to the Parameter Store. The recommended action is to use fetch to get the environment, add your changes and then use update to upload the changes. The input file will be JSON which supports String, StringArray and SecureString values

$3

A secure string is encrypted in the AWS ParameterStore. This keeps sensitive values safe. We need to specify a secure file (see below) in order to mark which settings are secure strings.

#### Secure File
The secure file will mimic the schema used by the parameter store to store the values. The only values that are needed are the values that are secure. As secure values are added to the schema, we should also update config-secure.json to refect that. This will allow the command line to know which props to add as SecureString in AWS Parameter Store.

Sanple File:
``
{
"secure": true,
"testAttr: {
"testSetting": true
}
}
`

__You can use the fetch command to create a secure file with the -s switch.__

$3


npx @makemydeal/dr-paramstore-config-mgmt-utils update -e {env} -f {filespec} -s {securefilespec}

$3

| Parameter | Switch | Required | Description
| --- | --- | --- | ---
| env | --env or -e | Yes | The environment to write to
| file | --file or -f | Yes | The JSON file that has the parameters to write
| secure | --secure or -s | No | If supplied, this object will mimic the structure of the --file parameter but only contain entries that should be marked as secure string. If the file is not provided, then any new props will be made as String type and not SecureString.
| region | --region or -r | No | The region [us-east-1]
| delete | --delete or -d | No | If this switch is provided: if values exist in the saved config but not in the new file, should they be deleted from the parameter store [false]

Delete

This utility will delete a entire environment from the parameter store. Input is received via the command line. This is not reversable.

$3

npx @makemydeal/dr-paramstore-config-mgmt-utils delete -e {env}

$3

| Parameter | Switch | Required | Description
| --- | --- | --- | ---
| env | --env or -e | Yes | The environment to delete
| region | --region or -r | No | The region [us-east-1]

Recommended use

1. Call fetch with the -s switch to get the config-secure.json file.
2. Call fetch to get the parameters to the environment. Save the file as config.{env}.json
3. Add the parameters you wish to config.{env}.json
4. If you wish to have any of those newly added params as SecureString datatype, edit config-secure.json to use the same schema for the props you want to be secure with 'true' as their value.
5. Use update` to save the values to the parameter store.