https://github.com/signiant/aws-parameter-syncer
Keep things in sync with AWS parameter store parameters
https://github.com/signiant/aws-parameter-syncer
aws hacktoberfest
Last synced: 3 days ago
JSON representation
Keep things in sync with AWS parameter store parameters
- Host: GitHub
- URL: https://github.com/signiant/aws-parameter-syncer
- Owner: Signiant
- License: mit
- Created: 2017-05-09T19:19:05.000Z (almost 9 years ago)
- Default Branch: master
- Last Pushed: 2025-03-18T19:20:35.000Z (about 1 year ago)
- Last Synced: 2025-03-18T20:29:08.698Z (about 1 year ago)
- Topics: aws, hacktoberfest
- Language: Python
- Homepage:
- Size: 24.4 KB
- Stars: 1
- Watchers: 4
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# aws-parameter-syncer
Keep file contents in sync with matching parameters in AWS Parameter Store
## Variables
- VERBOSE - enable more logging if set to 1
- UMASK - optional UMASK value to use for files created
- FREQUENCY - How often to check for changes (in seconds). Default is 300 seconds (5 minutes).
- AWS_ACCESS_KEY_ID - The AWS Access Key Id value
- AWS_SECRET_ACCESS_KEY - The AWS Secret Access Key value
- AWS_REGION - AWS Region to search (defaults to us-east-1)
- PARAM_PREFIX - The prefix for the parameters to keep in sync
- resulting filenames will be the parameter name minus the PARAM_PREFIX
- eg. Following parameters in parameter store: TESTING_param1.txt, TESTING_param2.conf
- export PARAM_PREFIX=TESTING_
- TESTING_param1.txt will be compared against param1.txt
- TESTING_param2.conf will be compared against param2.conf
- SAVE_AWS_CREDS - List of tuples (filename, profile name) to save AWS Credentials to (saved to credentials dir)
- value should be space separated list, e.g. aws_cli_credentials default aws_boto_credentials prod
- if a space is required in the profile name, e.g. profile prod, substitute # for a space, e.g. profile#prod
The docker container exposes /credentials as a volume - this can be shared with other
containers or mounted to the local file system
## Example Docker runs
This example checks AWS Parameter Store in the default us-east-1 region every 600 seconds (10 minutes)
for parameters containing 'TESTING_'. The credentials in AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are
used to access the AWS Parameter Store. The parameter values will be checked against files in the local
folder 'credentials-dir' which is mounted into the container at '/credentials'. The credentials used to access
the AWS Parameter Store will be saved to /credentials/aws_cli_credentials file with a profile name of 'default'
and no (default) region specified.
````
docker run -d -e "FREQUENCY=600" \
-e "VERBOSE=1" \
-e "AWS_ACCESS_KEY_ID=MY_ACCESS_KEY_ID" \
-e "AWS_SECRET_ACCESS_KEY=MY_SECRET_KEY" \
-e "PARAM_PREFIX=TESTING_" \
-e "SAVE_AWS_CREDS="aws_cli_credentials default None" \
-v credentials-dir:/credentials \
signiant/aws-parameter-syncer
````
This example checks AWS Parameter Store in the us-west-2 region every 120 seconds (2 minutes)
for parameters containing 'TESTING_'. The credentials in AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are
used to access the AWS Parameter Store. The parameter values will be checked against files in the container
volume '/credentials' which is NOT mounted locally. This volume could be shared with other containers if
desired.
````
docker run -d -e "FREQUENCY=120" \
-e "AWS_ACCESS_KEY_ID=MY_ACCESS_KEY_ID" \
-e "AWS_SECRET_ACCESS_KEY=MY_SECRET_KEY" \
-e "AWS_REGION=us-west-2"
-e "PARAM_PREFIX=TESTING_" \
signiant/aws-parameter-syncer
````