Aliakbar Salehi

How to use AWS SSM in offline mode for daily development.

Nowadays many teams use AWS SSM to keep their secrets safe, but sometimes you need to run your app on a local development machine without connecting to AWS SSM.
In this article I will try to explain a simple solution for using your secrets in offline mode.

One common way to use AWS SSM is to inject the secrets as environment variables into the Docker container, for example with ssm-env. The application can then easily access all the variables and secrets it needs.

Solution:

The AWS CLI has a nice feature to fetch all secrets recursively (--recursive --with-decryption). We use it to fetch all secrets into our local development environment as a dotenv file.

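#!/bin/sh

REGION=eu-west-1
PROFILE=default

AWS_SECRET_PATH="/secrets/service/TESTAPP/eu/staging/"
SECRET_FILE_PATH="secrets/eu-staging.env"

# The file will hold decrypted secrets: create it readable by the current user only.
umask 077
mkdir -p "$(dirname "$SECRET_FILE_PATH")"

currentDate=$(date)

echo "# Last update = $currentDate" > "$SECRET_FILE_PATH"

# Fetch every parameter under the path, decrypted, as Name/Version/Value rows,
# then write each one as KEY=value, using the last path segment as the key.
(export AWS_REGION="$REGION"; export AWS_DEFAULT_REGION="$REGION"; aws --profile "$PROFILE" ssm get-parameters-by-path --path "${AWS_SECRET_PATH}" \
             --recursive --with-decryption \
             --output text --query "Parameters[].[Name,Version,Value]"  \
            | while read -r key version value  ; do echo "# version $version " >> "$SECRET_FILE_PATH" ; echo "${key##*/}=$value" >> "$SECRET_FILE_PATH" ;  done)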

The result is the eu-staging.env file:

# Last update = Di 28 Jul 2020 17:26:08 CEST

# version 1 
DB_PASSWORD=Xrttrsdfseww
# version 2 
API_PASS=sdfsdflklhfs

The date and time at the top of the file show when it was last updated.

To run your app you can use dotenv-cli:

dotenv -e secrets/eu-staging.env yarn start

You can easily extend this script to fetch all environment secrets based on your needs.
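
The script above keeps only the last path segment of each parameter name, so with --recursive two parameters in different sub-paths can end up under the same key, and it truncates the output file before the aws call has succeeded. The following is an added example, not part of the original post: a hypothetical helper named ssm_rows_to_dotenv that reads the same tab-separated rows, rejects key collisions and invalid names, and replaces the file only when every row was accepted.

```shell
#!/bin/sh
# Added example, not from the original post; ssm_rows_to_dotenv is a
# hypothetical helper name. It reads the tab-separated Name/Version/Value
# rows printed by the aws command above and writes a dotenv file.
# Usage: aws ... --output text --query "Parameters[].[Name,Version,Value]" \
#            | ssm_rows_to_dotenv secrets/eu-staging.env
ssm_rows_to_dotenv() {
    out=$1
    tab=$(printf '\t')
    seen=" "
    rows=0
    # mktemp creates the file with mode 0600, so only the owner can read it.
    tmp=$(mktemp "${out}.XXXXXX") || return 1
    printf '# Last update = %s\n' "$(date)" > "$tmp"
    while IFS="$tab" read -r name version value; do
        key=${name##*/}    # last path segment, as in the script above
        case $key in
            ''|[0-9]*|*[!A-Za-z0-9_]*)
                echo "error: $name does not give a valid variable name" >&2
                rm -f "$tmp"; return 2 ;;
        esac
        # With --recursive, .../db/PASSWORD and .../api/PASSWORD both become
        # PASSWORD: stop instead of letting one silently shadow the other.
        case $seen in
            *" $key "*)
                echo "error: duplicate key $key (from $name)" >&2
                rm -f "$tmp"; return 3 ;;
        esac
        seen="$seen$key "
        rows=$((rows + 1))
        printf '# version %s\n%s=%s\n' "$version" "$key" "$value" >> "$tmp"
    done
    # Nothing on stdin: the aws call failed or the path holds no parameters.
    if [ "$rows" -eq 0 ]; then
        echo "error: no parameters received" >&2
        rm -f "$tmp"; return 4
    fi
    # Replace the old file only after every row was accepted, so a failed run
    # leaves the previous secrets file untouched.
    mv -f "$tmp" "$out"
}
```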


Top comments (1)

Grachev Mikhail

In addition to using environment variables I can recommend the tool github.com/dotenv-linter/dotenv-li... - it’s a lightning-fast linter for .env files. Written in Rust.
Maybe it would be useful for you.