aws_ssm_document

Provides an SSM Document resource

Example Usage

resource "aws_ssm_document" "foo" {
  name    = "test_document",
  content = <<DOC
  {
    "schemaVersion": "1.2",
    "description": "Check ip configuration of a Linux instance.",
    "parameters": {

    },
    "runtimeConfig": {
      "aws:runShellScript": {
        "properties": [
          {
            "id": "0.aws:runShellScript",
            "runCommand": ["ifconfig"]
          }
        ]
      }
    }
  }
DOC
}

Argument Reference

The following arguments are supported:

  • name - (Required) The name of the document.
  • content - (Required) The json content of the document.
  • permission - (Optional) Additional Permissions to attach to the document. See Permissions below for details.

Attributes Reference

The following attributes are exported:

  • name - The name of the document
  • content - The json content of the document
  • created_date - The date the document was created
  • description - The description of the document
  • hash - The sha1 or sha256 of the document content
  • hash_type - "Sha1" "Sha256". The hashing algorithm used when hashing the content.
  • owner - The AWS user account of the person who created the document.
  • status - "Creating", "Active" or "Deleting". The current status of the document.
  • parameter - The parameters that are available to this document.
  • permission - The permissions of how this document should be shared.
  • platform_type - "Windows" or "Linux". A list of OS platforms compatiable with this SSM document.

Permissions

The permission attribute specifies how you want to share the document. If you share a document privately, you must specify the AWS user account IDs for those people who can use the document. If you share a document publicly, you must specify All as the account ID.

The permission mapping support the following:

  • type - The permission type for the document. The permission type can be Share.
  • account_ids - The AWS user accounts that should have access to the document. The account IDs can either be a group of account IDs or All.