awscc_ssm_parameter (Resource)

The AWS::SSM::Parameter resource creates an SSM parameter in SYSlong Parameter Store. To create an SSM parameter, you must have the IAMlong (IAM) permissions ssm:PutParameter and ssm:AddTagsToResource. On stack creation, CFNlong adds the following three tags to the parameter: aws:cloudformation:stack-name, aws:cloudformation:logical-id, and aws:cloudformation:stack-id, in addition to any custom tags you specify. To add, update, or remove tags during stack update, you must have IAM permissions for both ssm:AddTagsToResource and ssm:RemoveTagsFromResource. For more information, see Managing Access Using Policies in the User Guide. For information about valid values for parameters, see About requirements and constraints for parameter names in the User Guide and PutParameter in the API Reference.

Example Usage

String type parameter

resource "awscc_ssm_parameter" "example" {
  name            = "command"
  type            = "String"
  value           = "date"
  description     = "SSM Parameter for running date command."
  allowed_pattern = "^[a-zA-Z]{1,10}$"
}

StringList type parameter

resource "awscc_ssm_parameter" "example" {
  name  = "commands"
  type  = "StringList"
  value = "date,ls"

  description     = "SSM Parameter of type StringList."
  allowed_pattern = "^[a-zA-Z]{1,10}$"
}

Advanced tier parameter with policy

resource "awscc_ssm_parameter" "example" {
  name  = "command"
  type  = "String"
  value = "date"
  tier  = "Advanced"
  policies = jsonencode([
    {
      "Type" : "Expiration",
      "Version" : "1.0",
      "Attributes" : {
        "Timestamp" : "2024-05-13T00:00:00.000Z"
      }
    },
    {
      "Type" : "ExpirationNotification",
      "Version" : "1.0",
      "Attributes" : {
        "Before" : "5",
        "Unit" : "Days"
      }
    },
    {
      "Type" : "NoChangeNotification",
      "Version" : "1.0",
      "Attributes" : {
        "After" : "60",
        "Unit" : "Days"
      }
    }
  ])
  description     = "SSM Parameter for running date command."
  allowed_pattern = "^[a-zA-Z]{1,10}$"
}

Schema

Required

Optional

Read-Only

Import

Import is supported using the following syntax:

$ terraform import awscc_ssm_parameter.example <resource ID>