param is a cli tool for talking to AWS Parameter Store. Copy parameters
directly to your clipboard.
param uses Cobra, a library providing a
simple interface to create powerful CLI interfaces similar to git & go tools.
param works with Linux and MacOS.
It also supports bash and zsh completion.
You can install param by downloading the latest binary from the
Releases page or by compiling
from source with go.
go get github.com/thedatashed/paramThis should build a binary at $GOPATH/bin/param
Add $GOPATH/bin to your PATH, or move param to somewhere
already on your PATH.
Run the below command to download the 1.7.2 binary and add it to
/usr/local/bin.
curl -LO https://github.com/TheDataShed/param/releases/download/1.7.2/param-linux-amd64 && \
chmod +x param-linux-amd64 && \
sudo mv param-linux-amd64 /usr/local/bin/paramcurl -LO https://github.com/TheDataShed/param/releases/download/1.7.2/param-darwin-amd64 && \
chmod +x param-darwin-amd64 && \
sudo mv param-darwin-amd64 /usr/local/bin/paramMake sure your terminal session has the correct AWS credentials.
Below is a brief overview for each command.
Full docs for each command can be found at /docs.
Copy a parameter to your clipboard:
$ param copy parameter_nameYou can optionally show the parameter value in your console with the -v flag:
$ param copy parameter_name -v
password123With shell completion enabled, you can press tab to auto-complete the parameter names.
Get a sorted list of parameters in SSM with optional prefix(es):
$ param list
parameter.name.key
parameter2.name.password
...$ param list -p prefix1,prefix2
prefix1.dev.password
prefix1.prod.password
prefix2.keySet a parameter with type SecureString:
$ param set parameter_name password123If the parameter already exists, you must specify the -f flag
to overwrite it:
$ param set parameter_name password456 -fWith shell completion enabled, you can press tab to auto-complete the parameter names.
If you'd like to print out the decrypted parameter without copying it the clipboard, you can use:
$ param show parameter_name
password123With shell completion enabled, you can press tab to auto-complete the parameter names.
param completion (bash|zsh) outputs shell completion code for the specified
shell (bash or zsh).
The shell code must be evaluated to provide interactive completion of
param commands.
This can be done by sourcing it from ~/.bashrc or ~/.zshrc
Source the bash completion script every time you start a shell
by adding a line to your ~/.bashrc file:
source <(param completion bash)You can also run this command to append it for you:
printf "
# param shell completion
source <(param completion bash)
" >> $HOME/.bashrc
source $HOME/.bashrcBecause the call to SSM can be quite slow, param copy caches the list of
parameter names by exporting an array named PARAM_CACHE.
You can clear the cache by unsetting the cache array:
unset PARAM_CACHEYou can stop caching entirely by setting the PARAM_NO_CACHE variable to 1:
export PARAM_NO_CACHE=1Docs for each command can be found at /docs.
They are generated by Cobra by running go run build/generate_docs.go.
param uses Travis CI to test each commit. It also handles GitHub releases
when a new tag is pushed to GitHub.
- New Commands
Delete command - Command to delete parameters- Maybe with a
--yesflag to confim.
- Maybe with a
- Improvements
- Add a flag to specify parameter type.
Currently only works with
SecureStrings. - Better logging and a verbose option to see what calls are made to AWS.
- Copy timeout.
- Configurable timeout for copying a parameter so it doesn't stay in the clipboard indefinitely.
- Hidden input to
param setso you don't have the value in your shell history.
- Add a flag to specify parameter type.
Currently only works with
- Shell Completion
zshcompletion doesn't seem to work.- Update or delete the bash completion cache after creating/deleting parameters
- Add bash completion for other subcommands and flags.
- Command to reset the cache.
- Write Tests
- Improve Documentation
- More Examples
- Write about how to set up AWS variables/profile. (And what capabilities are required)
- Localstack
param listdoesn't work without a-pargument.