The AWS::SSM::Parameter
resource creates an SSM parameter in SYSlong Parameter Store.
To create an SSM parameter, you must have the IAMlong (IAM) permissions ssm:PutParameter
and ssm:AddTagsToResource
. On stack creation, CFNlong adds the following three tags to the parameter: aws:cloudformation:stack-name
, aws:cloudformation:logical-id
, and aws:cloudformation:stack-id
, in addition to any custom tags you specify.
To add, update, or remove tags during stack update, you must have IAM permissions for both ssm:AddTagsToResource
and ssm:RemoveTagsFromResource
. For more information, see Managing Access Using Policies in the User Guide.
For information about valid values for parameters, see About requirements and constraints for parameter names in the User Guide and PutParameter in the API Reference.
resource "awscc_ssm_parameter" "example" {
name = "command"
type = "String"
value = "date"
description = "SSM Parameter for running date command."
allowed_pattern = "^[a-zA-Z]{1,10}$"
}
resource "awscc_ssm_parameter" "example" {
name = "commands"
type = "StringList"
value = "date,ls"
description = "SSM Parameter of type StringList."
allowed_pattern = "^[a-zA-Z]{1,10}$"
}
resource "awscc_ssm_parameter" "example" {
name = "command"
type = "String"
value = "date"
tier = "Advanced"
policies = jsonencode([
{
"Type" : "Expiration",
"Version" : "1.0",
"Attributes" : {
"Timestamp" : "2024-05-13T00:00:00.000Z"
}
},
{
"Type" : "ExpirationNotification",
"Version" : "1.0",
"Attributes" : {
"Before" : "5",
"Unit" : "Days"
}
},
{
"Type" : "NoChangeNotification",
"Version" : "1.0",
"Attributes" : {
"After" : "60",
"Unit" : "Days"
}
}
])
description = "SSM Parameter for running date command."
allowed_pattern = "^[a-zA-Z]{1,10}$"
}
type
(String) The type of parameter.value
(String) The parameter value.
If type is StringList
, the system returns a comma-separated string with no spaces between commas in the Value
field.allowed_pattern
(String) A regular expression used to validate the parameter value. For example, for String
types with values restricted to numbers, you can specify the following: AllowedPattern=^\d+$
data_type
(String) The data type of the parameter, such as text
or aws:ec2:image
. The default is text
.description
(String) Information about the parameter.name
(String) The name of the parameter.
The maximum length constraint listed below includes capacity for additional system attributes that aren't part of the name. The maximum length for a parameter name, including the full length of the parameter Amazon Resource Name (ARN), is 1011 characters. For example, the length of the following parameter name is 65 characters, not 20 characters: arn:aws:ssm:us-east-2:111222333444:parameter/ExampleParameterName
policies
(String) Information about the policies assigned to a parameter.
Assigning parameter policies in the User Guide.tags
(Map of String) Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a SYS parameter to identify the type of resource to which it applies, the environment, or the type of configuration data referenced by the parameter.tier
(String) The parameter tier.id
(String) Uniquely identifies the resource.Import is supported using the following syntax:
$ terraform import awscc_ssm_parameter.example <resource ID>