0

I have assigned output of aws command to a variable:

$SECRET_KEY = (aws secretsmanager get-secret-value --secret-id arn:aws:secretsmanager:us-east-1:12345:secret:non-prod/testing/private-key-8PPof --query 'SecretString' --output text)

Now i want to export the output of this to environment variable.

if i use below

$env:SECRET_KEY=$SECRET_KEY >> output formatting is messed up and everything is coming in one line with spaces for the key instead of newline

Can anyone help with how to export the output of the aws command as environment variable to the powershell cli

mklement0
  • 382,024
  • 64
  • 607
  • 775
Springhills
  • 360
  • 1
  • 5
  • 12

1 Answers1

1

  • Environment variables are invariably strings.

  • In PowerShell, if you assign a value other than a string, that value is automatically stringified (converted to a string)

    • PowerShell reports stdout output from external programs such as aws as a stream of lines, which when captured, become an array of strings (lines).

    • PowerShell stringifies arrays by joining their elements with a single space as the separator,[1] which explains what you saw; a simple example:

      $arr = 1, 2; "$arr" # -> '1 2'

  • In order to assign a multiline string to an environment variable based on output from an external program, you'll have to join the lines explicitly with a newline as the separator.

Therefore:

$env:SECRET_KEY = 
 (
   aws secretsmanager get-secret-value --secret-id arn:aws:secretsmanager:us-east-1:12345:secret:non-prod/testing/private-key-8PPof --query 'SecretString' --output text
 ) -join "`n"

Note: The above uses Unix-format LF-only newlines ("`n"); to use Windows-format CRLF newlines, use "`r`n"

[1] The - rarely used - $OFS preference variable can normally be used to change the default separator. Curiously, however, it has no effect on the implicit stringification that happens on assigning to an environment variable.

mklement0
  • 382,024
  • 64
  • 607
  • 775
  • 1
    Thank you very much. Works well. Thanks for the detailed explanation. this is very helpful. – Springhills Jun 16 '23 at 21:40
  • Thanks for the help with this. Is there anyway we can set the output as a system wide environment variable rather than assigning it to $env:SECRET_KEY is only for that particular shell. I have used this ```[System.Environment]::SetEnvironmentVariable('DB_DRIVER', 'com.mysql.cj.jdbc.Driver', [System.EnvironmentVariableTarget]::Machine)``` Can we set the output of aws command directly to the sytem environment variable ? – Springhills Jun 22 '23 at 14:21
  • @Springhills, yes, you can enclose the ``(...) -join "`n"`` call in `(...)` and use it directly as an argument in the `[System.Environment]::SetEnvironmentVariable()` call. However, note that such a call (which fundamentally works on Windows only) updates the _persistent_ definition of the environment variable for _future_ sessions. If you also want it for the _current_ session (process), set `$env:SECRET_KEY` as shown in the answer and then pass `$env:SECRET_KEY` to `[System.Environment]::SetEnvironmentVariable()` – mklement0 Jun 22 '23 at 14:27
  • Hi @mklement0 I want that variable to be persist for that machine using as userdata script for new windows machine spin up Can you please give the full syntax to use. Did not get how to add system environment variable. should i do something like below ```$env:SECRET_KEY = ( aws secretsmanager get-secret-value --secret-id arn:aws:secretsmanager:us-east-1:12345:secret:non-prod/testing/private-key-8PPof --query 'SecretString' --output text ) -join "`r`n" System.Environment]::SetEnvironmentVariable('SECRET_KEY', '$env:SECRET_KEY', [System.EnvironmentVariableTarget]::Machine)``` – Springhills Jun 22 '23 at 14:31
  • 1
    @Springhills, replace `'$env:SECRET_KEY'` with `$env:SECRET_KEY` - whatever is inside `'...'` is used _verbatim_. Note that you'll need elevation (running as admin) for your call. – mklement0 Jun 22 '23 at 14:36
  • Thank you again.. life saver.. it works fine. If its not too much to ask.. need one more help. trying to run powershell script as userdata so i started with How to run it as administrator when spinning up new windows machine and trigger this user data script as administrator ? – Springhills Jun 22 '23 at 14:48
  • 1
    Glad to hear it, @Springhills: See if [this answer](https://stackoverflow.com/a/71471730/45375) helps. – mklement0 Jun 22 '23 at 14:56