Inspired by ssm-env.
Usually, if you are using libraries like godotenv to load environment variables from a .env file, but you won't like to place the secrets in the .env file, you can use ssm2dotenv command to load the secrets from AWS SSM Parameter Store.
Suppose that you have the following parameters in aws SSM:
| key | value |
|---|---|
| /app-api/test/DB_DSN | postgres://xxx:yyyy/test_db |
| /app-api/prod/DB_DSN | postgres://xxx:yyyy/prod_db |
And you have the following sample.env template file:
ENV=test
DB_META_DSNS=ssm:///app-api/${env}/DB_DSN
PORT=8080Then, you can run the following command to get the env file
$ ssm2dotenv --env test -i ./sample.env -o ./.envSo you can get the env file including secrets just only existing during the local development or your CI/CD pipeline.
ENV=test
DB_META_DSNS=postgres://xxx:yyyy/test_db
PORT=8080