New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

aws ssm get-parameters --with-decryption removes \n from returned value #2596

Closed
fundkis opened this Issue May 11, 2017 · 10 comments

Comments

Projects
None yet
8 participants
@fundkis

fundkis commented May 11, 2017

We saved a private RSA key encrypted in the parameter store.
we use iam roles to retrieve it with the following instruction:
aws ssm get-parameters --with-decryption --names our-parameter-name
In the returned JSON, the parameters value does not have any \n in it!
When viewing key (decrypted) on the EC2 console, I can see the \n.
Here is the aws --version:
aws-cli/1.11.84 Python/2.7.12 Linux/4.4.51-40.58.amzn1.x86_64 botocore/1.5.47

@JordonPhillips

This comment has been minimized.

Member

JordonPhillips commented May 11, 2017

So to clarify, you've got an RSA key that looks like this:

-----BEGIN RSA PRIVATE KEY-----
randombytes
morebytes
-----END RSA PRIVATE KEY-----

And it's coming back like this:

-----BEGIN RSA PRIVATE KEY-----randombytesmorebytes-----END RSA PRIVATE KEY-----
@fundkis

This comment has been minimized.

fundkis commented May 11, 2017

Actually, '\n' are replaced by ' '. So It's coming like this:
-----BEGIN RSA PRIVATE KEY----- randombytes morebytes -----END RSA PRIVATE KEY-----

@JordonPhillips

This comment has been minimized.

Member

JordonPhillips commented May 11, 2017

How are you submitting the key? I found that if I paste the key into the console I can reproduce the error, but if I submit it via boto3 or the cli it comes back as expected.

@JordonPhillips

This comment has been minimized.

Member

JordonPhillips commented May 11, 2017

I've forwarded this issue on to the service team

@fundkis

This comment has been minimized.

fundkis commented May 12, 2017

I copy-pasted the key on the console... I'll submit it with the cli to avoid this problem.
Thank you Jordon.

@jeremykoerber

This comment has been minimized.

jeremykoerber commented Mar 5, 2018

I'm having the same problem. Pasting into the console will end up stripping the newlines. I use the Ruby SDK from the CLI to get around it. But it would be great to have the console work as expected.

@dawilliams

This comment has been minimized.

dawilliams commented Apr 12, 2018

@jeremykoerber how are you manipulating your file in ruby to send it to parameter store. I’m trying to work around this issue too

@sruehlmann

This comment has been minimized.

sruehlmann commented Oct 24, 2018

Can this be re-opened as we are still observing this behaviour with aws cli as well as the javascript sdk

@misterkbar

This comment has been minimized.

misterkbar commented Oct 30, 2018

happens with BOTO3 also. This is ultra annoying, why are you doing this?!?!?!

@goatandsheep

This comment has been minimized.

goatandsheep commented Nov 2, 2018

They should replace their <input> with a <textarea>

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment