Calling AWS secrets manager with PowerShell PoSH #105

asktechsupport opened this issue Aug 21, 2024 · 0 comments
asktechsupport commented Aug 21, 2024

To pull credentials from AWS Secrets Manager using PowerShell, you can use the AWS Tools for PowerShell, which provides cmdlets to interact with AWS services. Below is a step-by-step guide on how to retrieve credentials stored in AWS Secrets Manager.

Prerequisites

  1. AWS Tools for PowerShell: Ensure that the AWS Tools for PowerShell are installed. You can install them using the following command:
    Install-Module -Name AWSPowerShell.NetCore -Force -AllowClobber
  2. AWS Credentials: Make sure you have configured your AWS credentials. You can do this using the AWS CLI or directly within the PowerShell session.

Steps to Retrieve Credentials from AWS Secrets Manager

  1. Import the AWS PowerShell Module
    Import-Module AWSPowerShell.NetCore
  2. Retrieve a Secret from AWS Secrets Manager
    Use the Get-SECSecretValue cmdlet to retrieve the secret. Replace "your-secret-name" with the name of your secret.
    # Retrieve the secret
    $secretValue = Get-SECSecretValue -SecretId "your-secret-name"
    # Parse the secret if it's stored as a JSON object
    $secretObject = $secretValue.SecretString | ConvertFrom-Json
    # Display the secret object or specific credentials
    $secretObject
  3. Access Specific Credentials
    If your secret is stored as a JSON object with keys like username and password, you can access these values directly:
    # Access specific credentials
    $username = $secretObject.username
    $password = $secretObject.password
    # Output the credentials
    Write-Host "Username: $username"
    Write-Host "Password: $password"

Example Workflow

Assume you have a secret in AWS Secrets Manager named MyDatabaseCredentials that stores a JSON object like this:

{
   "username": "myDBUser",
   "password": "myDBPassword"
}

Your PowerShell script to retrieve and use these credentials would look like this:

# Import AWS PowerShell module
Import-Module AWSPowerShell.NetCore
# Retrieve the secret from AWS Secrets Manager
$secretValue = Get-SECSecretValue -SecretId "MyDatabaseCredentials"
# Parse the JSON string into a PowerShell object
$secretObject = $secretValue.SecretString | ConvertFrom-Json
# Extract the credentials
$username = $secretObject.username
$password = $secretObject.password
# Output the credentials (for demonstration purposes only)
Write-Host "Username: $username"
Write-Host "Password: $password"
# Use the credentials for further processing
# For example, connecting to a database, etc.

Important Notes

  • Security: Be mindful of where and how you output the credentials, especially in production environments. Avoid writing them to the console or logs unless necessary.
  • IAM Permissions: Ensure that the IAM role or user running this script has the necessary permissions to access the secret in AWS Secrets Manager.

This script provides a straightforward way to securely retrieve and use credentials stored in AWS Secrets Manager using PowerShell.
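
Following the Security note above, this added example (not part of the original post) turns the retrieved secret into a PSCredential instead of printing it, and fails closed on binary, malformed or incomplete secrets. The function names ConvertTo-SecretCredential and Get-DbCredential are hypothetical, and the sample response object is constructed so the parsing path runs without AWS access.

```powershell
# Added example. ConvertTo-SecretCredential and Get-DbCredential are hypothetical names.
function ConvertTo-SecretCredential {
    param(
        [Parameter(Mandatory)] $SecretValue   # object exposing a SecretString property
    )
    # Binary secrets carry no SecretString; stop rather than build an empty credential.
    if ([string]::IsNullOrEmpty($SecretValue.SecretString)) {
        throw "Secret has no SecretString (binary secret or empty value)."
    }
    try {
        $obj = $SecretValue.SecretString | ConvertFrom-Json -ErrorAction Stop
    } catch {
        # Keep the raw string out of the error message: it is the secret itself.
        throw "SecretString is not valid JSON."
    }
    foreach ($key in 'username', 'password') {
        if ([string]::IsNullOrEmpty($obj.$key)) { throw "Secret is missing key '$key'." }
    }
    # Hold the password as a SecureString so it is not echoed when the object is displayed.
    $secure = ConvertTo-SecureString -String $obj.password -AsPlainText -Force
    [pscredential]::new($obj.username, $secure)
}

function Get-DbCredential {
    param([Parameter(Mandatory)][string] $SecretId)
    # -ErrorAction Stop makes a missing secret or denied IAM permission a terminating error.
    $value = Get-SECSecretValue -SecretId $SecretId -ErrorAction Stop
    ConvertTo-SecretCredential -SecretValue $value
}

# Offline demonstration: constructed stand-in for the Get-SECSecretValue response.
$sample = [pscustomobject]@{
    SecretString = '{"username":"myDBUser","password":"myDBPassword"}'
}
$cred = ConvertTo-SecretCredential -SecretValue $sample
Write-Host "Loaded credential for $($cred.UserName)"   # user name only, never the password

# With AWS credentials configured and the module imported:
# $cred = Get-DbCredential -SecretId 'MyDatabaseCredentials'
```

The resulting object can be passed to any cmdlet that accepts a -Credential parameter, so the plaintext password never needs to reach the console or a log.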