npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@sidebase/ssm-secrets

v0.4.0

Published

AWS SSM command-line and programmatic utility

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

zoey-kaiserzoey-kaiservaliafetisovvaliafetisovbracketjohnbracketjohn

Keywords

AWSSSMCLIsecretsparameters

Readme

🗝️ @sidebase/ssm-secrets

Simple AWS SSM Secrets Manager CLI

Securely manage your AWS SSM Parameters — authenticate once via your OS keyring and easily list, get, write, or delete secrets.

✨ Features

  • 🔐 Secure local credential storage using native OS keyrings (via keyring-node, powered by keyring-rs)
  • 🧩 List / get / put / delete SSM parameters
  • 🏃 Run commands with environment variables from SSM parameters
  • 🧠 Output formatting as .env or JSON
  • 🪄 Works with AWS SSM Parameter Store, recursive listing included
  • 🧰 Both CLI and programmatic API available

📦 Installation

Install globally (recommended):

npm install -g @sidebase/ssm-secrets

Or use via npx:

npx ssm-secrets --package @sidebase/ssm-secrets

🚀 Usage

General structure

ssm-secrets <command> [options]

Run ssm-secrets --help or ssm-secrets <command> --help for details.

🔐 Authenticate

Store AWS credentials in your system keyring.

ssm-secrets auth

You’ll be prompted for:

AWS Region: (default: eu-central-1)
AWS Access Key ID:
AWS Secret Access Key:

These are securely saved using your OS’s secret store:

  • Linux: Secret Service / GNOME Keyring / KWallet
  • macOS: Keychain Access
  • Windows: Credential Manager

📜 List parameters

List all parameters under a given SSM path.

ssm-secrets list <path> [--format <env|json>]

Examples

ssm-secrets list my/service
ssm-secrets list my/service --format env

Output formats:

  • json (default) → structured object ({"PARAM": "value"})
  • env → shell-style lines suitable for source (PARAM='value')

🔍 Get a single parameter

Retrieve one parameter by path and name.

ssm-secrets get <path> <name>

Example:

ssm-secrets get my/service DB_PASSWORD

Outputs full JSON metadata from SSM.

✏️ Write or update a parameter

Add or update a parameter in SSM.

ssm-secrets put <path> <name> <value>

Aliases:

ssm-secrets write ...
ssm-secrets set ...

Example:

ssm-secrets put my/service DB_PASSWORD supersecret

Displays when successful:

✅ Parameter stored with version 3

❌ Delete a parameter

Remove a parameter from SSM.

ssm-secrets delete <path> <name>

Example:

ssm-secrets delete my/service DB_PASSWORD

Outputs:

✅ Parameter deleted

💿 Execute a command with SSM environment

Fetches all parameters from a given SSM path, transforms them into environment variables, and executes the provided command with that environment.

Variable names are uppercased and stripped of the path prefix. Example: /my/app/parameter becomes PARAMETER environment variable.

ssm-secrets exec my/app -- node server.js

If you need to pass --arguments to your command, separate them using a double dash:

ssm-secrets exec my/app -- node server.js --inspect

Options:

  • --no-overwrite Do not overwrite existing environment variables.

  • --ignore <names...> Ignore specific parameter names (case-sensitive, without path prefix). Example:

    ssm-secrets exec my/app --ignore FOO bar -- node server.js

⚙️ Programmatic API

You can also use the API directly in Node.js:

import { listParameters, getParameter, putParameter, deleteParameter } from '@sidebase/ssm-secrets'

const secrets = await listParameters('my/service')
console.log(secrets)

await putParameter('my/service', 'DB_PASSWORD', 'supersecret')

All functions automatically use the credentials stored via ssm-secrets auth.

🧩 Environment formats

The CLI supports exporting secrets in .env-compatible format:

ssm-secrets list my/app --format env > .env

You can then source them in a shell:

export $(cat .env | xargs)

or directly

source <(ssm-secrets list my/app --format env)

🔒 Credentials storage

Credentials are stored securely in the system keyring via keyring-node:

| Platform | Backend used | | -------- | -------------------------------------------------------------------- | | Linux | Secret Service (works with GNOME Keyring / KWallet) | | macOS | macOS Keychain | | Windows | Credential Manager |

Nothing sensitive is stored in plaintext.

🧠 Example workflow

ssm-secrets auth
ssm-secrets put my/app DB_USER myuser
ssm-secrets put my/app DB_PASS mypassword
ssm-secrets list my/app --format env
ssm-secrets exec my/app -- node server.js

Output:

DB_USER='myuser'
DB_PASS='mypassword'

🧾 License

MIT