AWS cli secrets manager add key-value


I have a secret created in AWS Secrets Manager and have many key-value pairs added. What I need is to just append one more key-value pair to it using the AWS CLI. I cannot find a command for that in the documentation (or maybe I am overlooking something).

I tried this:

aws secretsmanager put-secret-value \
--secret-id $SECRET_NAME \
--region $REGION \
--secret-string '{"NEW_KEY":"NEW_VALUE"}'

But it removes all the old key-value pairs from Secrets Manager and leaves only the new one in it.


Solution

  • The AWS CLI doesn't have that capability as of now. We need to use an external library/service to achieve this.

    Below is an example using jq.

    Assume your current secret value is {"key1": "value1"}.

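    # Read the current secret and extract the JSON string it stores
    CURR_VAL=$(aws secretsmanager get-secret-value --secret-id "$SECRET_NAME" | jq -r ".SecretString")
    # Output: {"key1": "value1"}

    # Quote the variable so spaces inside the JSON are passed through unchanged
    NEW_VAL=$(echo "$CURR_VAL" | jq -c '. += {"key1": "value2"}')
    # This will add or update the value of "key1"
    # Output: {"key1":"value2"}

    # Quote $NEW_VAL so the JSON reaches the CLI as a single argument
    aws secretsmanager put-secret-value --secret-id "$SECRET_NAME" --secret-string "$NEW_VAL"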
    

    This will update the secret value to {"key1": "value2"}.
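
A hardened variant of the read-merge-write above, as an added example that is not part of the original answer: the key is passed to jq with --arg, the new value through the environment, and the merged JSON goes to put-secret-value through a file:// path, so secret values do not appear on any command line. The names merge_json, secret_merge_key and SM_NEW_VALUE are assumptions made for this example.

```shell
#!/usr/bin/env bash
# Added example. merge_json, secret_merge_key and SM_NEW_VALUE are hypothetical names.

# Pure JSON step: stdin = current secret JSON, $1 = key, $2 = new value.
# The key goes in with --arg (data, not filter text); the value goes in through
# the environment so it is not in jq's argument list. Input that is not a JSON
# object (plaintext secret, "None" for a binary secret) is rejected.
merge_json() {
  SM_NEW_VALUE="$2" jq -c --arg k "$1" \
    'if type == "object" then . + {($k): env.SM_NEW_VALUE}
     else error("secret is not a JSON object") end'
}

# Read-modify-write: not atomic, so concurrent writers can drop each other's keys.
secret_merge_key() {
  local secret_id="$1" key="$2" value="$3" current tmp rc=1
  current=$(aws secretsmanager get-secret-value --secret-id "$secret_id" \
              --query SecretString --output text) || return 1
  tmp=$(mktemp) || return 1   # mktemp creates the file readable by its owner only
  if printf '%s' "$current" | merge_json "$key" "$value" > "$tmp"; then
    # file:// makes the CLI read the value from the file, which keeps the
    # merged secret out of the process argument list.
    aws secretsmanager put-secret-value --secret-id "$secret_id" \
      --secret-string "file://$tmp" > /dev/null && rc=0
  fi
  rm -f "$tmp"
  return "$rc"
}

# Usage (needs AWS credentials and an existing JSON secret):
#   secret_merge_key "$SECRET_NAME" NEW_KEY NEW_VALUE
```

If the stored value is not a JSON object, the function returns non-zero without calling put-secret-value, so the existing secret is left untouched.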