Questions tagged with AWS Systems Manager

Content language: English

Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

AWS Parameters and Secrets Lambda Extension does not work with parameter ARN's

The [AWS documentation](https://docs.aws.amazon.com/systems-manager/latest/userguide/ps-integration-lambda-extensions.html#sample-commands-ps) for the Parameters and Secrets Lambda Extension states: ``` To make a call using the Amazon Resource Name (ARN) for a parameter, make an HTTP GET call similar to the following. GET http://localhost:port/systemsmanager/parameters/get?name=arn:aws:ssm:us-east-1:123456789012:parameter/MyParameter ``` however these requests return a 400 stating the parameter name is invalid. Here's a quick example to demonstrate the successful request using the parameter name, and the failed request using the parameter ARN: ```py import json import os from botocore.vendored import requests def lambda_handler(event, context): name_url = 'http://localhost:2773/systemsmanager/parameters/get?name=test-param' arn_url = 'http://localhost:2773/systemsmanager/parameters/get?name=arn:aws:ssm:us-east-2:{ACCOUNT_ID}:parameter/test-param' headers = {'X-Aws-Parameters-Secrets-Token': os.environ['AWS_SESSION_TOKEN']} name_resp = requests.get(name_url, headers=headers) print(f'NAME RESPONSE: {name_resp.status_code} > {name_resp.text}') arn_resp = requests.get(arn_url, headers=headers) print(f'ARN RESPONSE: {arn_resp.status_code} > {arn_resp.text}') ``` and the output: ``` NAME RESPONSE: 200 > {"Parameter":{"ARN":"arn:aws:ssm:us-east-2:{ACCOUNT_ID}:parameter/test-param","DataType":"text","LastModifiedDate":"2022-11-26T02:25:14.669Z","Name":"test-param","Selector":null,"SourceResult":null,"Type":"SecureString","Value":"AQICAH....=","Version":2},"ResultMetadata":{}} ARN RESPONSE: 400 > an unexpected error occurred while executing request [AWS Parameters and Secrets Lambda Extension] 2022/11/26 18:09:36 ERROR GetParameter request encountered an error: operation error SSM: GetParameter, https response error StatusCode: 400, RequestID: {REQUEST_ID}, api error ValidationException: Invalid parameter name. Please use correct syntax for referencing a version/label <name>:<version/label> ``` The docs also state: ``` When using GET calls, parameter values must be encoded for HTTP to preserve special characters. ``` however the error still occurs whether the ARN colons and/or slash are URL-encoded or not like so: ``` http://localhost:2773/systemsmanager/parameters/get?name=arn%3Aaws%3Assm%3Aus-east-2%3A{ACCOUNT_ID}%3Aparameter/test-param http://localhost:2773/systemsmanager/parameters/get?name=arn%3Aaws%3Assm%3Aus-east-2%3A{ACCOUNT_ID}%3Aparameter%2Ftest-param ``` Am I missing something here or is the documentation incorrect in that an ARN can be used for these requests?
0
answers
0
votes
15
views
andy
asked 20 hours ago

AWS SSM adds \t and removes ' ocassionally

very weird thing happening in AWS SSM Parameter Input. The pasted input below gets modified in AWS SSM Automation Documents. Can anyone tell me why this happens? It breaks my script and i can't work with this. here's my code ``` schemaVersion: "2.2" description: "Check HANA DB and stop it LINUX" mainSteps: - action: "aws:runShellScript" name: "HANA_DB_STOP" inputs: runCommand: - '#### errocodes' - '#### 0 = SCRIPT RAN OK' - '#### 10 = SCRIPT FAILED' - '' - '# stop hana db' - 'echo "Stopping Hana DB"' - 'sudo /usr/sap/hostctrl/exe/sapcontrol -nr 00 -function Stop' - '' - '# check hana db state' - 'echo "Checking if Hana DB is running."' - 'HANADBSTATUS=`sudo /usr/sap/hostctrl/exe/sapcontrol -nr 00 -function GetProcessList`' - 'sleep 20' - 'if [[ "$HANADBSTATUS" =~ "GRAY" ]]' - 'then' - ' echo "Hana DB is stopped."' - ' exit 0' - 'else' - 'i=1' - 'while [[ ! "$HANADBSTATUS" =~ "GRAY" ]] && [[ "$i" -lt 11 ]]' - ' do' - ' echo "Warning: HANA DB is running. Checking 10 times with 20 second intervalls until script aborts. This is check $i." ' - ' sudo /usr/sap/hostctrl/exe/sapcontrol -nr 00 -function Stop' - ' sleep 20' - ' # check db state again' - ' HANADBSTATUS=`sudo /usr/sap/hostctrl/exe/sapcontrol -nr 00 -function GetProcessList`' - ' ((i++))' - ' if [ "$i" = 10 ]' - ' then' - ' echo "Error: retried $i-Times. Couldnt stop DB. Exiting Script."' - ' echo "Script aborts with Error 0"' - ' exit 10' - ' fi' - ' done' - ' if [[ "$HANADBSTATUS" =~ "GRAY" ]]' - ' then' - ' echo "Hana DB is stopped."' - ' exit 0' - ' fi' - 'fi' ``` This is the output AWS gives me ``` schemaVersion: '2.2' description: Check HANA DB and stop it LINUX mainSteps: - action: 'aws:runShellScript' name: HANA_DB_STOP inputs: runCommand: - '#### errocodes' - "#### 0\t= SCRIPT RAN OK" - "#### 10\t= SCRIPT FAILED" - '' - '# stop hana db' - echo "Stopping Hana DB" - sudo /usr/sap/hostctrl/exe/sapcontrol -nr 00 -function Stop - '' - '# check hana db state' - echo "Checking if Hana DB is running." - HANADBSTATUS=`sudo /usr/sap/hostctrl/exe/sapcontrol -nr 00 -function GetProcessList` - sleep 20 - 'if [[ "$HANADBSTATUS" =~ "GRAY" ]]' - then - ' echo "Hana DB is stopped."' - ' exit 0' - else - i=1 - 'while [[ ! "$HANADBSTATUS" =~ "GRAY" ]] && [[ "$i" -lt 11 ]]' - "\tdo" - "\t\techo \"Warning: HANA DB is running. Checking 10 times with 20 second intervalls until script aborts. This is check $i.\" " - "\t\tsudo /usr/sap/hostctrl/exe/sapcontrol -nr 00 -function Stop" - "\t\tsleep 20" - "\t\t# check db state again" - "\t\tHANADBSTATUS=`sudo /usr/sap/hostctrl/exe/sapcontrol -nr 00 -function GetProcessList`" - "\t\t((i++))" - "\t\tif [ \"$i\" = 10 ]" - "\t\t\tthen" - "\t\t\t\techo \"Error: retried $i-Times. Couldnt stop DB. Exiting Script.\"" - "\t\t\t\techo \"Script aborts with Error 0\"" - "\t\t\t\texit 10" - "\t\tfi" - "\tdone" - "\tif [[ \"$HANADBSTATUS\" =~ \"GRAY\" ]]" - ' then' - ' echo "Hana DB is stopped."' - ' exit 0' - "\tfi" - fi ``` I know why \t gets added, but i still don't understand why and how it removes the ' in my scripts
1
answers
0
votes
37
views
asked 4 days ago