stack secrets sync

Synchronize secrets between the local configuration and what is persisted in AWS Systems Manager Parameter Store from stacks within the given command path.

Sync will ask values for secrets missing from Parameter Store and remove secrets from Parameter Store that are not found from the local stack config.

Usage

tkm stacks secrets sync [command-path]

Positional arguments

OptionRequiredDescription
command-pathno
Sync stack secrets within the given command path. Defaults to the root stack group path ("/").

Options

This command has no command-specific options.

Common Options

This command supports the following common options.

OptionRequiredDescription
--helpno
Show help.
--profile PROFILEno
Use a profile configured in ~/.aws/credentials file.
--log LEVELno
Set logging level. Allowed values are "trace", "debug", "info", "warn", "error". Defaults to "info".
--dir DIR
-d DIR
no
Set the project directory from where Takomo loads configuration.
--load-aws-sdk-configno
Instead of using profiles configured in ~/.aws/credentials, use profiles found from ~/.aws/config.
--var name=VALUEno
Set variable that can be referenced in configuration files. This option can be used multiple times to set multiple variables.
--var-file FILE
--var-file name=FILE
no
Load variables from a file. The variables can be referenced in configuration files. This option can be used multiple times to load variables from multiple files. If NAME is given, variables are loaded to a variable with that name.
--env-file FILEno
Load environment variables from a file. The variables can be referenced in configuration files. This option can be used multiple times to load variables from multiple files.
--log-confidential-infono
Allow printing of environment variables and confidential parameter values that are concealed from the logs by default.
--statsno
Print statistics information of the executed command.

Examples

Sync all secrets:

tkm stacks secrets sync

Sync secrets within the given command path:

tkm stacks secrets sync /prod