Puppet Function: hiera_ssm_paramstore_write

Defined in:
lib/puppet/functions/hiera_ssm_paramstore_write.rb
Function type:
Ruby 4.x API

Overview

hiera_ssm_paramstore_write(Variant[String, Numeric] $key, Variant[String, Numeric] $value, Hash $options)Any

Parameters:

  • key (Variant[String, Numeric])
  • value (Variant[String, Numeric])
  • options (Hash)

Returns:

  • (Any) 


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
 
# File 'lib/puppet/functions/hiera_ssm_paramstore_write.rb', line 1

Puppet::Functions.create_function(:hiera_ssm_paramstore_write) do
  begin
    require 'aws-sdk-ssm'
  rescue LoadError
    raise Puppet::DataBinding::LookupError, 'Must install gem aws-sdk-ssm to use hiera_ssm_paramstore'
  end

  dispatch :write_key do
    param 'Variant[String, Numeric]', :key
    param 'Variant[String, Numeric]', :value
    param 'Hash', :options
  end

  def write_key(key, value, options)
    key_path = options['uri'] + key.gsub('::', '/')
    ssmclient = ssm_get_connection(options)

    put_parameter(key_path, value, options, ssmclient)
    # Fetch the newly created item. This both tests the creation and yields the result
    # in the expected format.
    get_parameter(key_path, ssmclient)
  end

  def ssm_get_connection(options)
    if options['region'].nil?
      Aws::SSM::Client.new
    else
      Aws::SSM::Client.new(region: options['region'])
    end
  rescue Aws::SSM::Errors::ServiceError => e
    raise Puppet::DataBinding::LookupError, "Fail to connect to aws ssm #{e.message}"
  end

  def put_parameter(key_path, value, options, ssmclient)
    put_options = { name: key_path,
                    description: 'Added by hiera_ssm_paramstore_write',
                    value: value,
                    type: 'String',
                    tags: [
                      {
                        key: 'CreatedBy',
                        value: 'puppet',
                      },
                    ] }
    put_options = put_options.merge(symbolize_keys(options['put'])) if options['put']

    begin
      ssmclient.put_parameter(put_options)
    rescue Aws::SSM::Errors::ServiceError => e
      raise Puppet::DataBinding::LookupError, "AWS SSM Service error #{e.message} with name: #{key_path}"
    end
  end

  def get_parameter(key_path, ssmclient)
    resp = ssmclient.get_parameters(names: [key_path],
                                    with_decryption: true)

    return nil if resp.parameters.empty?
    resp.parameters[0].value
  rescue Aws::SSM::Errors::ServiceError => e
    raise Puppet::DataBinding::LookupError, "AWS SSM Service error #{e.message} with names: [#{key_path}]"
  end

  def symbolize_keys(options)
    options.each_with_object({}) do |(k, v), hash|
      hash[k.to_sym] = if v.is_a?(Array)
                         v.map { |t| t.is_a?(Hash) ? symbolize_keys(t) : t }
                       else
                         v
                       end
    end
  end
end