How to export parameters from aws parameter store and import into another account

Question

on my first aws account I have parameters specified in the following manner:

/config/a => value1
/config/b => value2
/config/c/a => value31
/config/c/b => value32

I want to move these to my second aws account.

I created these parameters in the parameter store manually.

How could I easily copy these values from one account to the other?

Using aws ssm get-parameters --names "<param-name>" would be a bit too difficult, since I have way too many parameters.

Answer 1

1. Retrieve all parameters via aws ssm get-parameters-by-path --path "/relative/path/" --recursive
2. Write the resulting JSON somewhere down - e.g. into a file
3. Prepare put commands e.g. with JS

for (const value of params.Parameters) {
    const { Name, Value } = value;
    console.log(`aws ssm put-parameter --name "${Name}" --value "${Value}" --type "String"`);
}

Answer 2

I created a utility which does exactly what you want:

pip install aws-ssm-copy
aws-ssm-copy --dry-run --source-profile <source> --recursive /

Checkout the aws-ssm-copy utility and blog for more details.

Answer 3

Here is my version that outputs all parameters' Name, Type and Value in a TSV (tab-separated values) format:

aws ssm get-parameters-by-path --path "/" --recursive --query="Parameters[*].[Name, Type, Value]" --output text

Example response:

/prod/aaa    String  xxx
/prod/bbb    String  yyy
/prod/ccc    String  zzz

Answer 4

May be get-parameters-by-path suits here: aws ssm get-parameters-by-path --path "/" --recursive

https://docs.aws.amazon.com/cli/latest/reference/ssm/get-parameters-by-path.html#synopsis

Answer 5

Using following cmd you can easily get Name and values of parameters store.

$ aws ssm get-parameters-by-path --path "/" --recursive --query="Parameters[*].[Name, Value]" --output json>parameters.json

Answer 6

well I know it is has been a year but, for people who are still trying to figure out here is the detailed solution,

So you need to run following command to fetch all the parameters in your current region:

aws ssm get-parameters-by-path --path "/" --recursive --with-decryption --region eu-west-2

you will get a JSON formatted response. Just copy the response and paste it into a file (*.txt file then rename it to *.json). You have your JSON file with all the current parameters

I published that code into a git repository here. Just clone that repository after cloning add your desired region here :

const ssm = new AWS.SSM({

apiVersion: '2014-11-06';,

region: 'eu-west-2'; // add your destination region here.

});

and your json file here: const { Parameters } = await require('<YOUR JSON FILE>.json');

Then Install npm packages by running command npm install and run the script by command npm start

Answer 7

You can try something like this:

$source_path=""
$source_region=""
$destination_path=""
$destination_region=""

aws_output=$(aws ssm get-parameters-by-path \
    --path "$source_path" \
    --with-decryption \
    --recursive \
    --query "Parameters[*].[Name, Type, Value]" \
    --output json \
    --region "$source_region")

echo "$aws_output" | jq -r '.[] | [.[0], .[1], .[2]] | @tsv' | while IFS=$'\t' read -r full_source_path type value; do
    full_destination_path="${full_source_path/$source_path/$destination_path}"
    if [ "$dry_run" = true ]; then
        echo "[Dry run] Copying: $full_source_path -($type)-> $full_destination_path"
    else
        echo "[Dry run] Copying: $full_source_path -($type)-> $full_destination_path"
        aws ssm put-parameter \
            --name "$full_destination_path" \
            --value "$value" \
            --type "$type" \
            --region "$destination_region"
    fi
done

Or full version here: https://gist.github.com/johnymachine/15fd9d4b7c5fdf51165258962e52488d