Going forward, use AWS.Tools modules for newer development.
It is much faster to import and definitely offer a better development experience in alignment with the .NET SDK namespace approach.
Use the installer module to simplify versioning and avoid conflicts with automatic clean-up of prior SDK versions.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
|
install-module 'AWS.Tools.Installer' -Scope CurrentUser
$modules = @(
'AWS.Tools.Common'
'AWS.Tools.CostExplorer'
'AWS.Tools.EC2'
'AWS.Tools.Installer'
'AWS.Tools.RDS'
'AWS.Tools.S3'
'AWS.Tools.SecretsManager'
'AWS.Tools.SecurityToken'
'AWS.Tools.SimpleSystemsManagement'
)
Install-AWSToolsModule $modules -Cleanup -Force
|
1
2
3
|
$script:SqlLoginName = (Get-SSMParameterValue -Name $SSMParamLogin -WithDecryption $true).Parameters[0].Value
$script:SqlPassword = (Get-SSMParameterValue -Name $SSMParamPassword -WithDecryption $true).Parameters[0].Value | ConvertTo-SecureString -AsPlainText -Force
$script:SqlCredential = [pscredential]::new($script:SqlLoginName, $script:SqlPassword)
|
Note that this can vary in how you read it based on the format.
The normal format for entries like databases seems to be: {"username":"password"}
or similar.
1
|
$Secret = Get-SECSecretValue -SecretId 'service-accounts/my-secret-id' -ProfileName $ProfileName
|
This is useful when you need to generate some time-sensitive access credentials while connected via an SSM Session and needing to access another account’s resources.
1
2
3
4
5
6
7
8
|
Import-Module aws.tools.common, aws.tools.SecurityToken
Set-AWSCredential -ProfileName 'ProfileName' -scope Global
$cred = Get-STSSessionToken -DurationInSeconds ([timespan]::FromHours(8).TotalSeconds)
@"
`$ENV:AWS_ACCESS_KEY_ID = '$($cred.AccessKeyId)'
`$ENV:AWS_SECRET_ACCESS_KEY = '$($cred.SecretAccessKey)'
`$ENV:AWS_SESSION_TOKEN = '$($cred.SessionToken)'
"@
|
This is based on the AWS install commands, but with a few enhancements to better work on older Windows servers.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
# https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-install-win.html
$ProgressPreference = 'SilentlyContinue'
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
Write-Host "Downloading installer"
$InstallerFile = Join-Path $env:USERPROFILE 'Downloads\SSMAgent_latest.exe'
$invokeWebRequestSplat = @{
Uri = 'https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/windows_amd64/AmazonSSMAgentSetup.exe'
OutFile = $InstallerFile
}
Invoke-WebRequest @invokeWebRequestSplat
Write-Host "Installing SSM Agent"
$startProcessSplat = @{
FilePath = $InstallerFile
ArgumentList = '/S'
}
Start-Process @startProcessSplat
Write-Host "Cleaning up SSM Agent download"
Remove-Item $InstallerFile -Force
Restart-Service AmazonSSMAgent
|
Webmentions
(No webmentions yet.)