0

I try to use the AWS secrets manager in the linux system. I could use aws cli command

aws secretsmanager get-secret-value --secret-id abc_account --version-stage AWSCURRENT

to get following output

{
    "ARN": "arn:aws:secretsmanager:us-east-1:123456789:secret:abc_account-XhteiW",
    "Name": "abc_account",
    "VersionId": "89637ef4-4594-4c63-9887-3f7d2c7ccc6f",
    "SecretString": "{\"username\":\"abc_account\",\"password\":\"PASSWORD111\"}",
    "VersionStages": [
        "AWSCURRENT"
    ],
    "CreatedDate": "2021-02-08T23:57:58.325000-05:00"
}

what I need is to save the password PASSWORD111 into a variable var1 in the linux. something like

var1=$(aws secretsmanager get-secret-value --secret-id svc_vma_insights_data_platform --version-stage AWSCURRENT | awk XXXXXX )
or 
var1=$(aws secretsmanager get-secret-value --secret-id svc_vma_insights_data_platform --version-stage AWSCURRENT | grep XXXXXX )
Improve this question

2 Answers 2

Reset to default
2

This is extracting the secret string from the JSON output, and then extracting the password from that JSON:

passwd=$(aws ...  | jq -r '.SecretString' | jq -r '.password')
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

On linux you may try this gnu grep:

var1=$(aws ... | grep -oP 'password\W+\K[^"\\]+')
echo "$var1"

PASSWORD111

Command regex:

  • password\W+: Match text password followed by 1+ non-word characters
  • \K: Reset match info
  • [^"\\]+: Match 1+ of any character that is not a " and not a \
Improve this answer

1 Comment

Great. That works fine. Thank you so much.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.