Documentation ¶
Index ¶
- func CfnAssociation_CFN_RESOURCE_TYPE_NAME() *string
- func CfnAssociation_IsCfnElement(x interface{}) *bool
- func CfnAssociation_IsCfnResource(construct constructs.IConstruct) *bool
- func CfnAssociation_IsConstruct(x interface{}) *bool
- func CfnDocument_CFN_RESOURCE_TYPE_NAME() *string
- func CfnDocument_IsCfnElement(x interface{}) *bool
- func CfnDocument_IsCfnResource(construct constructs.IConstruct) *bool
- func CfnDocument_IsConstruct(x interface{}) *bool
- func CfnMaintenanceWindowTarget_CFN_RESOURCE_TYPE_NAME() *string
- func CfnMaintenanceWindowTarget_IsCfnElement(x interface{}) *bool
- func CfnMaintenanceWindowTarget_IsCfnResource(construct constructs.IConstruct) *bool
- func CfnMaintenanceWindowTarget_IsConstruct(x interface{}) *bool
- func CfnMaintenanceWindowTask_CFN_RESOURCE_TYPE_NAME() *string
- func CfnMaintenanceWindowTask_IsCfnElement(x interface{}) *bool
- func CfnMaintenanceWindowTask_IsCfnResource(construct constructs.IConstruct) *bool
- func CfnMaintenanceWindowTask_IsConstruct(x interface{}) *bool
- func CfnMaintenanceWindow_CFN_RESOURCE_TYPE_NAME() *string
- func CfnMaintenanceWindow_IsCfnElement(x interface{}) *bool
- func CfnMaintenanceWindow_IsCfnResource(construct constructs.IConstruct) *bool
- func CfnMaintenanceWindow_IsConstruct(x interface{}) *bool
- func CfnParameter_CFN_RESOURCE_TYPE_NAME() *string
- func CfnParameter_IsCfnElement(x interface{}) *bool
- func CfnParameter_IsCfnResource(construct constructs.IConstruct) *bool
- func CfnParameter_IsConstruct(x interface{}) *bool
- func CfnPatchBaseline_CFN_RESOURCE_TYPE_NAME() *string
- func CfnPatchBaseline_IsCfnElement(x interface{}) *bool
- func CfnPatchBaseline_IsCfnResource(construct constructs.IConstruct) *bool
- func CfnPatchBaseline_IsConstruct(x interface{}) *bool
- func CfnResourceDataSync_CFN_RESOURCE_TYPE_NAME() *string
- func CfnResourceDataSync_IsCfnElement(x interface{}) *bool
- func CfnResourceDataSync_IsCfnResource(construct constructs.IConstruct) *bool
- func CfnResourceDataSync_IsConstruct(x interface{}) *bool
- func NewCfnAssociation_Override(c CfnAssociation, scope constructs.Construct, id *string, ...)
- func NewCfnDocument_Override(c CfnDocument, scope constructs.Construct, id *string, props *CfnDocumentProps)
- func NewCfnMaintenanceWindowTarget_Override(c CfnMaintenanceWindowTarget, scope constructs.Construct, id *string, ...)
- func NewCfnMaintenanceWindowTask_Override(c CfnMaintenanceWindowTask, scope constructs.Construct, id *string, ...)
- func NewCfnMaintenanceWindow_Override(c CfnMaintenanceWindow, scope constructs.Construct, id *string, ...)
- func NewCfnParameter_Override(c CfnParameter, scope constructs.Construct, id *string, ...)
- func NewCfnPatchBaseline_Override(c CfnPatchBaseline, scope constructs.Construct, id *string, ...)
- func NewCfnResourceDataSync_Override(c CfnResourceDataSync, scope constructs.Construct, id *string, ...)
- func NewStringListParameter_Override(s StringListParameter, scope constructs.Construct, id *string, ...)
- func NewStringParameter_Override(s StringParameter, scope constructs.Construct, id *string, ...)
- func StringListParameter_IsConstruct(x interface{}) *bool
- func StringListParameter_IsResource(construct constructs.IConstruct) *bool
- func StringParameter_IsConstruct(x interface{}) *bool
- func StringParameter_IsResource(construct constructs.IConstruct) *bool
- func StringParameter_ValueForSecureStringParameter(scope constructs.Construct, parameterName *string, version *float64) *string
- func StringParameter_ValueForStringParameter(scope constructs.Construct, parameterName *string, version *float64) *string
- func StringParameter_ValueForTypedStringParameter(scope constructs.Construct, parameterName *string, type_ ParameterType, ...) *string
- func StringParameter_ValueFromLookup(scope constructs.Construct, parameterName *string) *string
- type CfnAssociation
- type CfnAssociationProps
- type CfnAssociation_InstanceAssociationOutputLocationProperty
- type CfnAssociation_S3OutputLocationProperty
- type CfnAssociation_TargetProperty
- type CfnDocument
- type CfnDocumentProps
- type CfnDocument_AttachmentsSourceProperty
- type CfnDocument_DocumentRequiresProperty
- type CfnMaintenanceWindow
- type CfnMaintenanceWindowProps
- type CfnMaintenanceWindowTarget
- type CfnMaintenanceWindowTargetProps
- type CfnMaintenanceWindowTarget_TargetsProperty
- type CfnMaintenanceWindowTask
- type CfnMaintenanceWindowTaskProps
- type CfnMaintenanceWindowTask_LoggingInfoProperty
- type CfnMaintenanceWindowTask_MaintenanceWindowAutomationParametersProperty
- type CfnMaintenanceWindowTask_MaintenanceWindowLambdaParametersProperty
- type CfnMaintenanceWindowTask_MaintenanceWindowRunCommandParametersProperty
- type CfnMaintenanceWindowTask_MaintenanceWindowStepFunctionsParametersProperty
- type CfnMaintenanceWindowTask_NotificationConfigProperty
- type CfnMaintenanceWindowTask_TargetProperty
- type CfnMaintenanceWindowTask_TaskInvocationParametersProperty
- type CfnParameter
- type CfnParameterProps
- type CfnPatchBaseline
- type CfnPatchBaselineProps
- type CfnPatchBaseline_PatchFilterGroupProperty
- type CfnPatchBaseline_PatchFilterProperty
- type CfnPatchBaseline_PatchSourceProperty
- type CfnPatchBaseline_RuleGroupProperty
- type CfnPatchBaseline_RuleProperty
- type CfnResourceDataSync
- type CfnResourceDataSyncProps
- type CfnResourceDataSync_AwsOrganizationsSourceProperty
- type CfnResourceDataSync_S3DestinationProperty
- type CfnResourceDataSync_SyncSourceProperty
- type CommonStringParameterAttributes
- type IParameter
- type IStringListParameter
- type IStringParameter
- func StringParameter_FromSecureStringParameterAttributes(scope constructs.Construct, id *string, attrs *SecureStringParameterAttributes) IStringParameter
- func StringParameter_FromStringParameterAttributes(scope constructs.Construct, id *string, attrs *StringParameterAttributes) IStringParameter
- func StringParameter_FromStringParameterName(scope constructs.Construct, id *string, stringParameterName *string) IStringParameter
- type ParameterDataType
- type ParameterOptions
- type ParameterTier
- type ParameterType
- type SecureStringParameterAttributes
- type StringListParameter
- type StringListParameterProps
- type StringParameter
- type StringParameterAttributes
- type StringParameterProps
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CfnAssociation_CFN_RESOURCE_TYPE_NAME ¶
func CfnAssociation_CFN_RESOURCE_TYPE_NAME() *string
func CfnAssociation_IsCfnElement ¶
func CfnAssociation_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnAssociation_IsCfnResource ¶
func CfnAssociation_IsCfnResource(construct constructs.IConstruct) *bool
Check whether the given construct is a CfnResource.
func CfnAssociation_IsConstruct ¶
func CfnAssociation_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead
func CfnDocument_CFN_RESOURCE_TYPE_NAME ¶
func CfnDocument_CFN_RESOURCE_TYPE_NAME() *string
func CfnDocument_IsCfnElement ¶
func CfnDocument_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnDocument_IsCfnResource ¶
func CfnDocument_IsCfnResource(construct constructs.IConstruct) *bool
Check whether the given construct is a CfnResource.
func CfnDocument_IsConstruct ¶
func CfnDocument_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead
func CfnMaintenanceWindowTarget_CFN_RESOURCE_TYPE_NAME ¶
func CfnMaintenanceWindowTarget_CFN_RESOURCE_TYPE_NAME() *string
func CfnMaintenanceWindowTarget_IsCfnElement ¶
func CfnMaintenanceWindowTarget_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnMaintenanceWindowTarget_IsCfnResource ¶
func CfnMaintenanceWindowTarget_IsCfnResource(construct constructs.IConstruct) *bool
Check whether the given construct is a CfnResource.
func CfnMaintenanceWindowTarget_IsConstruct ¶
func CfnMaintenanceWindowTarget_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead
func CfnMaintenanceWindowTask_CFN_RESOURCE_TYPE_NAME ¶
func CfnMaintenanceWindowTask_CFN_RESOURCE_TYPE_NAME() *string
func CfnMaintenanceWindowTask_IsCfnElement ¶
func CfnMaintenanceWindowTask_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnMaintenanceWindowTask_IsCfnResource ¶
func CfnMaintenanceWindowTask_IsCfnResource(construct constructs.IConstruct) *bool
Check whether the given construct is a CfnResource.
func CfnMaintenanceWindowTask_IsConstruct ¶
func CfnMaintenanceWindowTask_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead
func CfnMaintenanceWindow_CFN_RESOURCE_TYPE_NAME ¶
func CfnMaintenanceWindow_CFN_RESOURCE_TYPE_NAME() *string
func CfnMaintenanceWindow_IsCfnElement ¶
func CfnMaintenanceWindow_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnMaintenanceWindow_IsCfnResource ¶
func CfnMaintenanceWindow_IsCfnResource(construct constructs.IConstruct) *bool
Check whether the given construct is a CfnResource.
func CfnMaintenanceWindow_IsConstruct ¶
func CfnMaintenanceWindow_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead
func CfnParameter_CFN_RESOURCE_TYPE_NAME ¶
func CfnParameter_CFN_RESOURCE_TYPE_NAME() *string
func CfnParameter_IsCfnElement ¶
func CfnParameter_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnParameter_IsCfnResource ¶
func CfnParameter_IsCfnResource(construct constructs.IConstruct) *bool
Check whether the given construct is a CfnResource.
func CfnParameter_IsConstruct ¶
func CfnParameter_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead
func CfnPatchBaseline_CFN_RESOURCE_TYPE_NAME ¶
func CfnPatchBaseline_CFN_RESOURCE_TYPE_NAME() *string
func CfnPatchBaseline_IsCfnElement ¶
func CfnPatchBaseline_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnPatchBaseline_IsCfnResource ¶
func CfnPatchBaseline_IsCfnResource(construct constructs.IConstruct) *bool
Check whether the given construct is a CfnResource.
func CfnPatchBaseline_IsConstruct ¶
func CfnPatchBaseline_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead
func CfnResourceDataSync_CFN_RESOURCE_TYPE_NAME ¶
func CfnResourceDataSync_CFN_RESOURCE_TYPE_NAME() *string
func CfnResourceDataSync_IsCfnElement ¶
func CfnResourceDataSync_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element.
func CfnResourceDataSync_IsCfnResource ¶
func CfnResourceDataSync_IsCfnResource(construct constructs.IConstruct) *bool
Check whether the given construct is a CfnResource.
func CfnResourceDataSync_IsConstruct ¶
func CfnResourceDataSync_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead
func NewCfnAssociation_Override ¶
func NewCfnAssociation_Override(c CfnAssociation, scope constructs.Construct, id *string, props *CfnAssociationProps)
Create a new `AWS::SSM::Association`.
func NewCfnDocument_Override ¶
func NewCfnDocument_Override(c CfnDocument, scope constructs.Construct, id *string, props *CfnDocumentProps)
Create a new `AWS::SSM::Document`.
func NewCfnMaintenanceWindowTarget_Override ¶
func NewCfnMaintenanceWindowTarget_Override(c CfnMaintenanceWindowTarget, scope constructs.Construct, id *string, props *CfnMaintenanceWindowTargetProps)
Create a new `AWS::SSM::MaintenanceWindowTarget`.
func NewCfnMaintenanceWindowTask_Override ¶
func NewCfnMaintenanceWindowTask_Override(c CfnMaintenanceWindowTask, scope constructs.Construct, id *string, props *CfnMaintenanceWindowTaskProps)
Create a new `AWS::SSM::MaintenanceWindowTask`.
func NewCfnMaintenanceWindow_Override ¶
func NewCfnMaintenanceWindow_Override(c CfnMaintenanceWindow, scope constructs.Construct, id *string, props *CfnMaintenanceWindowProps)
Create a new `AWS::SSM::MaintenanceWindow`.
func NewCfnParameter_Override ¶
func NewCfnParameter_Override(c CfnParameter, scope constructs.Construct, id *string, props *CfnParameterProps)
Create a new `AWS::SSM::Parameter`.
func NewCfnPatchBaseline_Override ¶
func NewCfnPatchBaseline_Override(c CfnPatchBaseline, scope constructs.Construct, id *string, props *CfnPatchBaselineProps)
Create a new `AWS::SSM::PatchBaseline`.
func NewCfnResourceDataSync_Override ¶
func NewCfnResourceDataSync_Override(c CfnResourceDataSync, scope constructs.Construct, id *string, props *CfnResourceDataSyncProps)
Create a new `AWS::SSM::ResourceDataSync`.
func NewStringListParameter_Override ¶
func NewStringListParameter_Override(s StringListParameter, scope constructs.Construct, id *string, props *StringListParameterProps)
func NewStringParameter_Override ¶
func NewStringParameter_Override(s StringParameter, scope constructs.Construct, id *string, props *StringParameterProps)
func StringListParameter_IsConstruct ¶
func StringListParameter_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead
func StringListParameter_IsResource ¶
func StringListParameter_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func StringParameter_IsConstruct ¶
func StringParameter_IsConstruct(x interface{}) *bool
Checks if `x` is a construct.
Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead
func StringParameter_IsResource ¶
func StringParameter_IsResource(construct constructs.IConstruct) *bool
Check whether the given construct is a Resource.
func StringParameter_ValueForSecureStringParameter ¶
func StringParameter_ValueForSecureStringParameter(scope constructs.Construct, parameterName *string, version *float64) *string
Returns a token that will resolve (during deployment).
func StringParameter_ValueForStringParameter ¶
func StringParameter_ValueForStringParameter(scope constructs.Construct, parameterName *string, version *float64) *string
Returns a token that will resolve (during deployment) to the string value of an SSM string parameter.
func StringParameter_ValueForTypedStringParameter ¶
func StringParameter_ValueForTypedStringParameter(scope constructs.Construct, parameterName *string, type_ ParameterType, version *float64) *string
Returns a token that will resolve (during deployment) to the string value of an SSM string parameter.
func StringParameter_ValueFromLookup ¶
Reads the value of an SSM parameter during synthesis through an environmental context provider.
Requires that the stack this scope is defined in will have explicit account/region information. Otherwise, it will fail during synthesis.
Types ¶
type CfnAssociation ¶
type CfnAssociation interface { awscdk.CfnResource awscdk.IInspectable ApplyOnlyAtCronInterval() interface{} SetApplyOnlyAtCronInterval(val interface{}) AssociationName() *string SetAssociationName(val *string) AttrAssociationId() *string AutomationTargetParameterName() *string SetAutomationTargetParameterName(val *string) CalendarNames() *[]*string SetCalendarNames(val *[]*string) CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} CfnResourceType() *string ComplianceSeverity() *string SetComplianceSeverity(val *string) CreationStack() *[]*string DocumentVersion() *string SetDocumentVersion(val *string) InstanceId() *string SetInstanceId(val *string) LogicalId() *string MaxConcurrency() *string SetMaxConcurrency(val *string) MaxErrors() *string SetMaxErrors(val *string) Name() *string SetName(val *string) Node() constructs.Node OutputLocation() interface{} SetOutputLocation(val interface{}) Parameters() interface{} SetParameters(val interface{}) Ref() *string ScheduleExpression() *string SetScheduleExpression(val *string) Stack() awscdk.Stack SyncCompliance() *string SetSyncCompliance(val *string) Targets() interface{} SetTargets(val interface{}) UpdatedProperites() *map[string]interface{} WaitForSuccessTimeoutSeconds() *float64 SetWaitForSuccessTimeoutSeconds(val *float64) AddDeletionOverride(path *string) AddDependsOn(target awscdk.CfnResource) AddMetadata(key *string, value interface{}) AddOverride(path *string, value interface{}) AddPropertyDeletionOverride(propertyPath *string) AddPropertyOverride(propertyPath *string, value interface{}) ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) GetAtt(attributeName *string) awscdk.Reference GetMetadata(key *string) interface{} Inspect(inspector awscdk.TreeInspector) OverrideLogicalId(newLogicalId *string) RenderProperties(props *map[string]interface{}) *map[string]interface{} ShouldSynthesize() *bool ToString() *string ValidateProperties(_properties interface{}) }
A CloudFormation `AWS::SSM::Association`.
The `AWS::SSM::Association` resource creates a State Manager association for your managed instances. A State Manager association defines the state that you want to maintain on your instances. For example, an association can specify that anti-virus software must be installed and running on your instances, or that certain ports must be closed. For static targets, the association specifies a schedule for when the configuration is reapplied. For dynamic targets, such as an AWS Resource Groups or an AWS Auto Scaling Group, State Manager applies the configuration when new instances are added to the group. The association also specifies actions to take when applying the configuration. For example, an association for anti-virus software might run once a day. If the software is not installed, then State Manager installs it. If the software is installed, but the service is not running, then the association might instruct State Manager to start the service.
TODO: EXAMPLE
func NewCfnAssociation ¶
func NewCfnAssociation(scope constructs.Construct, id *string, props *CfnAssociationProps) CfnAssociation
Create a new `AWS::SSM::Association`.
type CfnAssociationProps ¶
type CfnAssociationProps struct { // The name of the SSM document that contains the configuration information for the instance. // // You can specify `Command` or `Automation` documents. The documents can be AWS -predefined documents, documents you created, or a document that is shared with you from another account. For SSM documents that are shared with you from other AWS accounts , you must specify the complete SSM document ARN, in the following format: // // `arn:partition:ssm:region:account-id:document/document-name` // // For example: `arn:aws:ssm:us-east-2:12345678912:document/My-Shared-Document` // // For AWS -predefined documents and SSM documents you created in your account, you only need to specify the document name. For example, AWS -ApplyPatchBaseline or My-Document. Name *string `json:"name"` // By default, when you create a new association, the system runs it immediately after it is created and then according to the schedule you specified. // // Specify this option if you don't want an association to run immediately after you create it. This parameter is not supported for rate expressions. ApplyOnlyAtCronInterval interface{} `json:"applyOnlyAtCronInterval"` // Specify a descriptive name for the association. AssociationName *string `json:"associationName"` // Choose the parameter that will define how your automation will branch out. // // This target is required for associations that use an Automation runbook and target resources by using rate controls. Automation is a capability of AWS Systems Manager . AutomationTargetParameterName *string `json:"automationTargetParameterName"` // The names or Amazon Resource Names (ARNs) of the Change Calendar type documents your associations are gated under. // // The associations only run when that Change Calendar is open. For more information, see [AWS Systems Manager Change Calendar](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-change-calendar) . CalendarNames *[]*string `json:"calendarNames"` // The severity level that is assigned to the association. ComplianceSeverity *string `json:"complianceSeverity"` // The version of the SSM document to associate with the target. DocumentVersion *string `json:"documentVersion"` // The ID of the instance that the SSM document is associated with. // // You must specify the `InstanceId` or `Targets` property. // // > `InstanceId` has been deprecated. To specify an instance ID for an association, use the `Targets` parameter. If you use the parameter `InstanceId` , you cannot use the parameters `AssociationName` , `DocumentVersion` , `MaxErrors` , `MaxConcurrency` , `OutputLocation` , or `ScheduleExpression` . To use these parameters, you must use the `Targets` parameter. InstanceId *string `json:"instanceId"` // The maximum number of targets allowed to run the association at the same time. // // You can specify a number, for example 10, or a percentage of the target set, for example 10%. The default value is 100%, which means all targets run the association at the same time. // // If a new managed node starts and attempts to run an association while Systems Manager is running `MaxConcurrency` associations, the association is allowed to run. During the next association interval, the new managed node will process its association within the limit specified for `MaxConcurrency` . MaxConcurrency *string `json:"maxConcurrency"` // The number of errors that are allowed before the system stops sending requests to run the association on additional targets. // // You can specify either an absolute number of errors, for example 10, or a percentage of the target set, for example 10%. If you specify 3, for example, the system stops sending requests when the fourth error is received. If you specify 0, then the system stops sending requests after the first error is returned. If you run an association on 50 managed nodes and set `MaxError` to 10%, then the system stops sending the request when the sixth error is received. // // Executions that are already running an association when `MaxErrors` is reached are allowed to complete, but some of these executions may fail as well. If you need to ensure that there won't be more than max-errors failed executions, set `MaxConcurrency` to 1 so that executions proceed one at a time. MaxErrors *string `json:"maxErrors"` // An Amazon Simple Storage Service (Amazon S3) bucket where you want to store the output details of the request. OutputLocation interface{} `json:"outputLocation"` // The parameters for the runtime configuration of the document. Parameters interface{} `json:"parameters"` // A cron expression that specifies a schedule when the association runs. // // The schedule runs in Coordinated Universal Time (UTC). ScheduleExpression *string `json:"scheduleExpression"` // The mode for generating association compliance. // // You can specify `AUTO` or `MANUAL` . In `AUTO` mode, the system uses the status of the association execution to determine the compliance status. If the association execution runs successfully, then the association is `COMPLIANT` . If the association execution doesn't run successfully, the association is `NON-COMPLIANT` . // // In `MANUAL` mode, you must specify the `AssociationId` as a parameter for the PutComplianceItems API action. In this case, compliance data is not managed by State Manager. It is managed by your direct call to the PutComplianceItems API action. // // By default, all associations use `AUTO` mode. SyncCompliance *string `json:"syncCompliance"` // The targets for the association. // // You must specify the `InstanceId` or `Targets` property. You can target all instances in an AWS account by specifying the `InstanceIds` key with a value of `*` . To view a JSON and a YAML example that targets all instances, see "Create an association for all managed instances in an AWS account " on the Examples page. Targets interface{} `json:"targets"` // The number of seconds the service should wait for the association status to show "Success" before proceeding with the stack execution. // // If the association status doesn't show "Success" after the specified number of seconds, then stack creation fails. WaitForSuccessTimeoutSeconds *float64 `json:"waitForSuccessTimeoutSeconds"` }
Properties for defining a `CfnAssociation`.
TODO: EXAMPLE
type CfnAssociation_InstanceAssociationOutputLocationProperty ¶
type CfnAssociation_InstanceAssociationOutputLocationProperty struct {
// `S3OutputLocation` is a property of the [InstanceAssociationOutputLocation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-association-instanceassociationoutputlocation.html) property that specifies an Amazon S3 bucket where you want to store the results of this request.
S3Location interface{} `json:"s3Location"`
}
`InstanceAssociationOutputLocation` is a property of the [AWS::SSM::Association](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-association.html) resource that specifies an Amazon S3 bucket where you want to store the results of this association request.
For the minimal permissions required to enable Amazon S3 output for an association, see [Creating associations](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-state-assoc.html) in the *Systems Manager User Guide* .
TODO: EXAMPLE
type CfnAssociation_S3OutputLocationProperty ¶
type CfnAssociation_S3OutputLocationProperty struct { // The name of the S3 bucket. OutputS3BucketName *string `json:"outputS3BucketName"` // The S3 bucket subfolder. OutputS3KeyPrefix *string `json:"outputS3KeyPrefix"` // The AWS Region of the S3 bucket. OutputS3Region *string `json:"outputS3Region"` }
`S3OutputLocation` is a property of the [AWS::SSM::Association](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-association.html) resource that specifies an Amazon S3 bucket where you want to store the results of this association request.
TODO: EXAMPLE
type CfnAssociation_TargetProperty ¶
type CfnAssociation_TargetProperty struct { // User-defined criteria for sending commands that target managed nodes that meet the criteria. Key *string `json:"key"` // User-defined criteria that maps to `Key` . // // For example, if you specified `tag:ServerRole` , you could specify `value:WebServer` to run a command on instances that include EC2 tags of `ServerRole,WebServer` . // // Depending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50. Values *[]*string `json:"values"` }
`Target` is a property of the [AWS::SSM::Association](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-association.html) resource that specifies the targets for an SSM document in Systems Manager . You can target all instances in an AWS account by specifying the `InstanceIds` key with a value of `*` . To view a JSON and a YAML example that targets all instances, see "Create an association for all managed instances in an AWS account " on the Examples page.
TODO: EXAMPLE
type CfnDocument ¶
type CfnDocument interface { awscdk.CfnResource awscdk.IInspectable Attachments() interface{} SetAttachments(val interface{}) CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} CfnResourceType() *string Content() interface{} SetContent(val interface{}) CreationStack() *[]*string DocumentFormat() *string SetDocumentFormat(val *string) DocumentType() *string SetDocumentType(val *string) LogicalId() *string Name() *string SetName(val *string) Node() constructs.Node Ref() *string Requires() interface{} SetRequires(val interface{}) Stack() awscdk.Stack Tags() awscdk.TagManager TargetType() *string SetTargetType(val *string) UpdatedProperites() *map[string]interface{} VersionName() *string SetVersionName(val *string) AddDeletionOverride(path *string) AddDependsOn(target awscdk.CfnResource) AddMetadata(key *string, value interface{}) AddOverride(path *string, value interface{}) AddPropertyDeletionOverride(propertyPath *string) AddPropertyOverride(propertyPath *string, value interface{}) ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) GetAtt(attributeName *string) awscdk.Reference GetMetadata(key *string) interface{} Inspect(inspector awscdk.TreeInspector) OverrideLogicalId(newLogicalId *string) RenderProperties(props *map[string]interface{}) *map[string]interface{} ShouldSynthesize() *bool ToString() *string ValidateProperties(_properties interface{}) }
A CloudFormation `AWS::SSM::Document`.
The `AWS::SSM::Document` resource creates a Systems Manager (SSM) document in AWS Systems Manager . This document defines the actions that Systems Manager performs on your AWS resources.
> This resource does not support CloudFormation drift detection.
TODO: EXAMPLE
func NewCfnDocument ¶
func NewCfnDocument(scope constructs.Construct, id *string, props *CfnDocumentProps) CfnDocument
Create a new `AWS::SSM::Document`.
type CfnDocumentProps ¶
type CfnDocumentProps struct { // The content for the new SSM document in JSON or YAML. // // > This parameter also supports `String` data types. Content interface{} `json:"content"` // A list of key-value pairs that describe attachments to a version of a document. Attachments interface{} `json:"attachments"` // Specify the document format for the request. // // The document format can be JSON or YAML. JSON is the default format. // // > `TEXT` is not supported, even though it is listed in the `Allowed values` . DocumentFormat *string `json:"documentFormat"` // The type of document to create. // // *Allowed Values* : `ApplicationConfigurationSchema` | `Automation` | `Automation.ChangeTemplate` | `Command` | `DeploymentStrategy` | `Package` | `Policy` | `Session` DocumentType *string `json:"documentType"` // A name for the SSM document. // // > You can't use the following strings as document name prefixes. These are reserved by AWS for use as document name prefixes: // > // > - `aws-` // > - `amazon` // > - `amzn` Name *string `json:"name"` // A list of SSM documents required by a document. // // This parameter is used exclusively by AWS AppConfig . When a user creates an AWS AppConfig configuration in an SSM document, the user must also specify a required document for validation purposes. In this case, an `ApplicationConfiguration` document requires an `ApplicationConfigurationSchema` document for validation purposes. For more information, see [What is AWS AppConfig ?](https://docs.aws.amazon.com/appconfig/latest/userguide/what-is-appconfig.html) in the *AWS AppConfig User Guide* . Requires interface{} `json:"requires"` // AWS CloudFormation resource tags to apply to the document. // // Use tags to help you identify and categorize resources. Tags *[]*awscdk.CfnTag `json:"tags"` // Specify a target type to define the kinds of resources the document can run on. // // For example, to run a document on EC2 instances, specify the following value: `/AWS::EC2::Instance` . If you specify a value of '/' the document can run on all types of resources. If you don't specify a value, the document can't run on any resources. For a list of valid resource types, see [AWS resource and property types reference](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html) in the *AWS CloudFormation User Guide* . TargetType *string `json:"targetType"` // An optional field specifying the version of the artifact you are creating with the document. // // For example, "Release 12, Update 6". This value is unique across all versions of a document, and can't be changed. VersionName *string `json:"versionName"` }
Properties for defining a `CfnDocument`.
TODO: EXAMPLE
type CfnDocument_AttachmentsSourceProperty ¶
type CfnDocument_AttachmentsSourceProperty struct { // The key of a key-value pair that identifies the location of an attachment to a document. Key *string `json:"key"` // The name of the document attachment file. Name *string `json:"name"` // The value of a key-value pair that identifies the location of an attachment to a document. // // The format for *Value* depends on the type of key you specify. // // - For the key *SourceUrl* , the value is an S3 bucket location. For example: // // `"Values": [ "s3://doc-example-bucket/my-folder" ]` // - For the key *S3FileUrl* , the value is a file in an S3 bucket. For example: // // `"Values": [ "s3://doc-example-bucket/my-folder/my-file.py" ]` // - For the key *AttachmentReference* , the value is constructed from the name of another SSM document in your account, a version number of that document, and a file attached to that document version that you want to reuse. For example: // // `"Values": [ "MyOtherDocument/3/my-other-file.py" ]` // // However, if the SSM document is shared with you from another account, the full SSM document ARN must be specified instead of the document name only. For example: // // `"Values": [ "arn:aws:ssm:us-east-2:111122223333:document/OtherAccountDocument/3/their-file.py" ]` Values *[]*string `json:"values"` }
Identifying information about a document attachment, including the file name and a key-value pair that identifies the location of an attachment to a document.
TODO: EXAMPLE
type CfnDocument_DocumentRequiresProperty ¶
type CfnDocument_DocumentRequiresProperty struct { // The name of the required SSM document. // // The name can be an Amazon Resource Name (ARN). Name *string `json:"name"` // The document version required by the current document. Version *string `json:"version"` }
An SSM document required by the current document.
TODO: EXAMPLE
type CfnMaintenanceWindow ¶
type CfnMaintenanceWindow interface { awscdk.CfnResource awscdk.IInspectable AllowUnassociatedTargets() interface{} SetAllowUnassociatedTargets(val interface{}) CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} CfnResourceType() *string CreationStack() *[]*string Cutoff() *float64 SetCutoff(val *float64) Description() *string SetDescription(val *string) Duration() *float64 SetDuration(val *float64) EndDate() *string SetEndDate(val *string) LogicalId() *string Name() *string SetName(val *string) Node() constructs.Node Ref() *string Schedule() *string SetSchedule(val *string) ScheduleOffset() *float64 SetScheduleOffset(val *float64) ScheduleTimezone() *string SetScheduleTimezone(val *string) Stack() awscdk.Stack StartDate() *string SetStartDate(val *string) Tags() awscdk.TagManager UpdatedProperites() *map[string]interface{} AddDeletionOverride(path *string) AddDependsOn(target awscdk.CfnResource) AddMetadata(key *string, value interface{}) AddOverride(path *string, value interface{}) AddPropertyDeletionOverride(propertyPath *string) AddPropertyOverride(propertyPath *string, value interface{}) ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) GetAtt(attributeName *string) awscdk.Reference GetMetadata(key *string) interface{} Inspect(inspector awscdk.TreeInspector) OverrideLogicalId(newLogicalId *string) RenderProperties(props *map[string]interface{}) *map[string]interface{} ShouldSynthesize() *bool ToString() *string ValidateProperties(_properties interface{}) }
A CloudFormation `AWS::SSM::MaintenanceWindow`.
The `AWS::SSM::MaintenanceWindow` resource represents general information about a maintenance window for AWS Systems Manager . Maintenance Windows let you define a schedule for when to perform potentially disruptive actions on your instances, such as patching an operating system (OS), updating drivers, or installing software. Each maintenance window has a schedule, a duration, a set of registered targets, and a set of registered tasks.
For more information, see [Systems Manager Maintenance Windows](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-maintenance.html) in the *AWS Systems Manager User Guide* and [CreateMaintenanceWindow](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateMaintenanceWindow.html) in the *AWS Systems Manager API Reference* .
TODO: EXAMPLE
func NewCfnMaintenanceWindow ¶
func NewCfnMaintenanceWindow(scope constructs.Construct, id *string, props *CfnMaintenanceWindowProps) CfnMaintenanceWindow
Create a new `AWS::SSM::MaintenanceWindow`.
type CfnMaintenanceWindowProps ¶
type CfnMaintenanceWindowProps struct { // Enables a maintenance window task to run on managed instances, even if you have not registered those instances as targets. // // If enabled, then you must specify the unregistered instances (by instance ID) when you register a task with the maintenance window. AllowUnassociatedTargets interface{} `json:"allowUnassociatedTargets"` // The number of hours before the end of the maintenance window that AWS Systems Manager stops scheduling new tasks for execution. Cutoff *float64 `json:"cutoff"` // The duration of the maintenance window in hours. Duration *float64 `json:"duration"` // The name of the maintenance window. Name *string `json:"name"` // The schedule of the maintenance window in the form of a cron or rate expression. Schedule *string `json:"schedule"` // A description of the maintenance window. Description *string `json:"description"` // The date and time, in ISO-8601 Extended format, for when the maintenance window is scheduled to become inactive. EndDate *string `json:"endDate"` // The number of days to wait to run a maintenance window after the scheduled cron expression date and time. ScheduleOffset *float64 `json:"scheduleOffset"` // The time zone that the scheduled maintenance window executions are based on, in Internet Assigned Numbers Authority (IANA) format. ScheduleTimezone *string `json:"scheduleTimezone"` // The date and time, in ISO-8601 Extended format, for when the maintenance window is scheduled to become active. // // StartDate allows you to delay activation of the Maintenance Window until the specified future date. StartDate *string `json:"startDate"` // Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). // // Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a maintenance window to identify the type of tasks it will run, the types of targets, and the environment it will run in. Tags *[]*awscdk.CfnTag `json:"tags"` }
Properties for defining a `CfnMaintenanceWindow`.
TODO: EXAMPLE
type CfnMaintenanceWindowTarget ¶
type CfnMaintenanceWindowTarget interface { awscdk.CfnResource awscdk.IInspectable CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} CfnResourceType() *string CreationStack() *[]*string Description() *string SetDescription(val *string) LogicalId() *string Name() *string SetName(val *string) Node() constructs.Node OwnerInformation() *string SetOwnerInformation(val *string) Ref() *string ResourceType() *string SetResourceType(val *string) Stack() awscdk.Stack Targets() interface{} SetTargets(val interface{}) UpdatedProperites() *map[string]interface{} WindowId() *string SetWindowId(val *string) AddDeletionOverride(path *string) AddDependsOn(target awscdk.CfnResource) AddMetadata(key *string, value interface{}) AddOverride(path *string, value interface{}) AddPropertyDeletionOverride(propertyPath *string) AddPropertyOverride(propertyPath *string, value interface{}) ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) GetAtt(attributeName *string) awscdk.Reference GetMetadata(key *string) interface{} Inspect(inspector awscdk.TreeInspector) OverrideLogicalId(newLogicalId *string) RenderProperties(props *map[string]interface{}) *map[string]interface{} ShouldSynthesize() *bool ToString() *string ValidateProperties(_properties interface{}) }
A CloudFormation `AWS::SSM::MaintenanceWindowTarget`.
The `AWS::SSM::MaintenanceWindowTarget` resource registers a target with a maintenance window for AWS Systems Manager . For more information, see [RegisterTargetWithMaintenanceWindow](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_RegisterTargetWithMaintenanceWindow.html) in the *AWS Systems Manager API Reference* .
TODO: EXAMPLE
func NewCfnMaintenanceWindowTarget ¶
func NewCfnMaintenanceWindowTarget(scope constructs.Construct, id *string, props *CfnMaintenanceWindowTargetProps) CfnMaintenanceWindowTarget
Create a new `AWS::SSM::MaintenanceWindowTarget`.
type CfnMaintenanceWindowTargetProps ¶
type CfnMaintenanceWindowTargetProps struct { // The type of target that is being registered with the maintenance window. ResourceType *string `json:"resourceType"` // The targets to register with the maintenance window. // // In other words, the instances to run commands on when the maintenance window runs. // // You must specify targets by using the `WindowTargetIds` parameter. Targets interface{} `json:"targets"` // The ID of the maintenance window to register the target with. WindowId *string `json:"windowId"` // A description for the target. Description *string `json:"description"` // The name for the maintenance window target. Name *string `json:"name"` // A user-provided value that will be included in any Amazon CloudWatch Events events that are raised while running tasks for these targets in this maintenance window. OwnerInformation *string `json:"ownerInformation"` }
Properties for defining a `CfnMaintenanceWindowTarget`.
TODO: EXAMPLE
type CfnMaintenanceWindowTarget_TargetsProperty ¶
type CfnMaintenanceWindowTarget_TargetsProperty struct { // User-defined criteria for sending commands that target managed nodes that meet the criteria. Key *string `json:"key"` // User-defined criteria that maps to `Key` . // // For example, if you specified `tag:ServerRole` , you could specify `value:WebServer` to run a command on instances that include EC2 tags of `ServerRole,WebServer` . // // Depending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50. Values *[]*string `json:"values"` }
The `Targets` property type specifies adding a target to a maintenance window target in AWS Systems Manager .
`Targets` is a property of the [AWS::SSM::MaintenanceWindowTarget](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-maintenancewindowtarget.html) resource.
TODO: EXAMPLE
type CfnMaintenanceWindowTask ¶
type CfnMaintenanceWindowTask interface { awscdk.CfnResource awscdk.IInspectable CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} CfnResourceType() *string CreationStack() *[]*string CutoffBehavior() *string SetCutoffBehavior(val *string) Description() *string SetDescription(val *string) LoggingInfo() interface{} SetLoggingInfo(val interface{}) LogicalId() *string MaxConcurrency() *string SetMaxConcurrency(val *string) MaxErrors() *string SetMaxErrors(val *string) Name() *string SetName(val *string) Node() constructs.Node Priority() *float64 SetPriority(val *float64) Ref() *string ServiceRoleArn() *string SetServiceRoleArn(val *string) Stack() awscdk.Stack Targets() interface{} SetTargets(val interface{}) TaskArn() *string SetTaskArn(val *string) TaskInvocationParameters() interface{} SetTaskInvocationParameters(val interface{}) TaskParameters() interface{} SetTaskParameters(val interface{}) TaskType() *string SetTaskType(val *string) UpdatedProperites() *map[string]interface{} WindowId() *string SetWindowId(val *string) AddDeletionOverride(path *string) AddDependsOn(target awscdk.CfnResource) AddMetadata(key *string, value interface{}) AddOverride(path *string, value interface{}) AddPropertyDeletionOverride(propertyPath *string) AddPropertyOverride(propertyPath *string, value interface{}) ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) GetAtt(attributeName *string) awscdk.Reference GetMetadata(key *string) interface{} Inspect(inspector awscdk.TreeInspector) OverrideLogicalId(newLogicalId *string) RenderProperties(props *map[string]interface{}) *map[string]interface{} ShouldSynthesize() *bool ToString() *string ValidateProperties(_properties interface{}) }
A CloudFormation `AWS::SSM::MaintenanceWindowTask`.
The `AWS::SSM::MaintenanceWindowTask` resource defines information about a task for an AWS Systems Manager maintenance window. For more information, see [RegisterTaskWithMaintenanceWindow](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_RegisterTaskWithMaintenanceWindow.html) in the *AWS Systems Manager API Reference* .
TODO: EXAMPLE
func NewCfnMaintenanceWindowTask ¶
func NewCfnMaintenanceWindowTask(scope constructs.Construct, id *string, props *CfnMaintenanceWindowTaskProps) CfnMaintenanceWindowTask
Create a new `AWS::SSM::MaintenanceWindowTask`.
type CfnMaintenanceWindowTaskProps ¶
type CfnMaintenanceWindowTaskProps struct { // The priority of the task in the maintenance window. // // The lower the number, the higher the priority. Tasks that have the same priority are scheduled in parallel. Priority *float64 `json:"priority"` // The resource that the task uses during execution. // // For `RUN_COMMAND` and `AUTOMATION` task types, `TaskArn` is the SSM document name or Amazon Resource Name (ARN). // // For `LAMBDA` tasks, `TaskArn` is the function name or ARN. // // For `STEP_FUNCTIONS` tasks, `TaskArn` is the state machine ARN. TaskArn *string `json:"taskArn"` // The type of task. // // Valid values: `RUN_COMMAND` , `AUTOMATION` , `LAMBDA` , `STEP_FUNCTIONS` . TaskType *string `json:"taskType"` // The ID of the maintenance window where the task is registered. WindowId *string `json:"windowId"` // The specification for whether tasks should continue to run after the cutoff time specified in the maintenance windows is reached. CutoffBehavior *string `json:"cutoffBehavior"` // A description of the task. Description *string `json:"description"` // Information about an Amazon S3 bucket to write task-level logs to. // // > `LoggingInfo` has been deprecated. To specify an Amazon S3 bucket to contain logs, instead use the `OutputS3BucketName` and `OutputS3KeyPrefix` options in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [AWS Systems Manager MaintenanceWindowTask TaskInvocationParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-taskinvocationparameters.html) . LoggingInfo interface{} `json:"loggingInfo"` // The maximum number of targets this task can be run for, in parallel. // // > Although this element is listed as "Required: No", a value can be omitted only when you are registering or updating a [targetless task](https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) You must provide a value in all other cases. // > // > For maintenance window tasks without a target specified, you can't supply a value for this option. Instead, the system inserts a placeholder value of `1` . This value doesn't affect the running of your task. MaxConcurrency *string `json:"maxConcurrency"` // The maximum number of errors allowed before this task stops being scheduled. // // > Although this element is listed as "Required: No", a value can be omitted only when you are registering or updating a [targetless task](https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) You must provide a value in all other cases. // > // > For maintenance window tasks without a target specified, you can't supply a value for this option. Instead, the system inserts a placeholder value of `1` . This value doesn't affect the running of your task. MaxErrors *string `json:"maxErrors"` // The task name. Name *string `json:"name"` // The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) service role to use to publish Amazon Simple Notification Service (Amazon SNS) notifications for maintenance window Run Command tasks. ServiceRoleArn *string `json:"serviceRoleArn"` // The targets, either instances or window target IDs. // // - Specify instances using `Key=InstanceIds,Values= *instanceid1* , *instanceid2*` . // - Specify window target IDs using `Key=WindowTargetIds,Values= *window-target-id-1* , *window-target-id-2*` . Targets interface{} `json:"targets"` // The parameters to pass to the task when it runs. // // Populate only the fields that match the task type. All other fields should be empty. // // > When you update a maintenance window task that has options specified in `TaskInvocationParameters` , you must provide again all the `TaskInvocationParameters` values that you want to retain. The values you do not specify again are removed. For example, suppose that when you registered a Run Command task, you specified `TaskInvocationParameters` values for `Comment` , `NotificationConfig` , and `OutputS3BucketName` . If you update the maintenance window task and specify only a different `OutputS3BucketName` value, the values for `Comment` and `NotificationConfig` are removed. TaskInvocationParameters interface{} `json:"taskInvocationParameters"` // The parameters to pass to the task when it runs. // // > `TaskParameters` has been deprecated. To specify parameters to pass to a task when it runs, instead use the `Parameters` option in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [MaintenanceWindowTaskInvocationParameters](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_MaintenanceWindowTaskInvocationParameters.html) . TaskParameters interface{} `json:"taskParameters"` }
Properties for defining a `CfnMaintenanceWindowTask`.
TODO: EXAMPLE
type CfnMaintenanceWindowTask_LoggingInfoProperty ¶
type CfnMaintenanceWindowTask_LoggingInfoProperty struct { // The AWS Region where the S3 bucket is located. Region *string `json:"region"` // The name of an S3 bucket where execution logs are stored . S3Bucket *string `json:"s3Bucket"` // The Amazon S3 bucket subfolder. S3Prefix *string `json:"s3Prefix"` }
The `LoggingInfo` property type specifies information about the Amazon S3 bucket to write instance-level logs to.
`LoggingInfo` is a property of the [AWS::SSM::MaintenanceWindowTask](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-maintenancewindowtask.html) resource.
> `LoggingInfo` has been deprecated. To specify an Amazon S3 bucket to contain logs, instead use the `OutputS3BucketName` and `OutputS3KeyPrefix` options in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [AWS Systems Manager MaintenanceWindowTask TaskInvocationParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-taskinvocationparameters.html) .
TODO: EXAMPLE
type CfnMaintenanceWindowTask_MaintenanceWindowAutomationParametersProperty ¶
type CfnMaintenanceWindowTask_MaintenanceWindowAutomationParametersProperty struct { // The version of an Automation runbook to use during task execution. DocumentVersion *string `json:"documentVersion"` // The parameters for the AUTOMATION task. Parameters interface{} `json:"parameters"` }
The `MaintenanceWindowAutomationParameters` property type specifies the parameters for an `AUTOMATION` task type for a maintenance window task in AWS Systems Manager .
`MaintenanceWindowAutomationParameters` is a property of the [TaskInvocationParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-taskinvocationparameters.html) property type.
For information about available parameters in Automation runbooks, you can view the content of the runbook itself in the Systems Manager console. For information, see [View runbook content](https://docs.aws.amazon.com/systems-manager/latest/userguide/automation-documents-reference-details.html#view-automation-json) in the *AWS Systems Manager User Guide* .
TODO: EXAMPLE
type CfnMaintenanceWindowTask_MaintenanceWindowLambdaParametersProperty ¶
type CfnMaintenanceWindowTask_MaintenanceWindowLambdaParametersProperty struct { // Client-specific information to pass to the AWS Lambda function that you're invoking. // // You can then use the `context` variable to process the client information in your AWS Lambda function. ClientContext *string `json:"clientContext"` // JSON to provide to your AWS Lambda function as input. // // > Although `Type` is listed as "String" for this property, the payload content must be formatted as a Base64-encoded binary data object. // // *Length Constraint:* 4096 Payload *string `json:"payload"` // An AWS Lambda function version or alias name. // // If you specify a function version, the action uses the qualified function Amazon Resource Name (ARN) to invoke a specific Lambda function. If you specify an alias name, the action uses the alias ARN to invoke the Lambda function version that the alias points to. Qualifier *string `json:"qualifier"` }
The `MaintenanceWindowLambdaParameters` property type specifies the parameters for a `LAMBDA` task type for a maintenance window task in AWS Systems Manager .
`MaintenanceWindowLambdaParameters` is a property of the [TaskInvocationParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-taskinvocationparameters.html) property type.
TODO: EXAMPLE
type CfnMaintenanceWindowTask_MaintenanceWindowRunCommandParametersProperty ¶
type CfnMaintenanceWindowTask_MaintenanceWindowRunCommandParametersProperty struct { // Information about the command or commands to run. Comment *string `json:"comment"` // The SHA-256 or SHA-1 hash created by the system when the document was created. // // SHA-1 hashes have been deprecated. DocumentHash *string `json:"documentHash"` // The SHA-256 or SHA-1 hash type. // // SHA-1 hashes are deprecated. DocumentHashType *string `json:"documentHashType"` // Configurations for sending notifications about command status changes on a per-managed node basis. NotificationConfig interface{} `json:"notificationConfig"` // The name of the Amazon Simple Storage Service (Amazon S3) bucket. OutputS3BucketName *string `json:"outputS3BucketName"` // The S3 bucket subfolder. OutputS3KeyPrefix *string `json:"outputS3KeyPrefix"` // The parameters for the `RUN_COMMAND` task execution. // // The supported parameters are the same as those for the `SendCommand` API call. For more information, see [SendCommand](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_SendCommand.html) in the *AWS Systems Manager API Reference* . Parameters interface{} `json:"parameters"` // The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) service role to use to publish Amazon Simple Notification Service (Amazon SNS) notifications for maintenance window Run Command tasks. ServiceRoleArn *string `json:"serviceRoleArn"` // If this time is reached and the command hasn't already started running, it doesn't run. TimeoutSeconds *float64 `json:"timeoutSeconds"` }
The `MaintenanceWindowRunCommandParameters` property type specifies the parameters for a `RUN_COMMAND` task type for a maintenance window task in AWS Systems Manager .
This means that these parameters are the same as those for the `SendCommand` API call. For more information about `SendCommand` parameters, see [SendCommand](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_SendCommand.html) in the *AWS Systems Manager API Reference* .
For information about available parameters in SSM Command documents, you can view the content of the document itself in the Systems Manager console. For information, see [Viewing SSM command document content](https://docs.aws.amazon.com/systems-manager/latest/userguide/viewing-ssm-document-content.html) in the *AWS Systems Manager User Guide* .
`MaintenanceWindowRunCommandParameters` is a property of the [TaskInvocationParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-taskinvocationparameters.html) property type.
TODO: EXAMPLE
type CfnMaintenanceWindowTask_MaintenanceWindowStepFunctionsParametersProperty ¶
type CfnMaintenanceWindowTask_MaintenanceWindowStepFunctionsParametersProperty struct { // The inputs for the `STEP_FUNCTIONS` task. Input *string `json:"input"` // The name of the `STEP_FUNCTIONS` task. Name *string `json:"name"` }
The `MaintenanceWindowStepFunctionsParameters` property type specifies the parameters for the execution of a `STEP_FUNCTIONS` task in a Systems Manager maintenance window.
`MaintenanceWindowStepFunctionsParameters` is a property of the [TaskInvocationParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-taskinvocationparameters.html) property type.
TODO: EXAMPLE
type CfnMaintenanceWindowTask_NotificationConfigProperty ¶
type CfnMaintenanceWindowTask_NotificationConfigProperty struct { // An Amazon Resource Name (ARN) for an Amazon Simple Notification Service (Amazon SNS) topic. // // Run Command pushes notifications about command status changes to this topic. NotificationArn *string `json:"notificationArn"` // The different events that you can receive notifications for. // // These events include the following: `All` (events), `InProgress` , `Success` , `TimedOut` , `Cancelled` , `Failed` . To learn more about these events, see [Configuring Amazon SNS Notifications for AWS Systems Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/monitoring-sns-notifications.html) in the *AWS Systems Manager User Guide* . NotificationEvents *[]*string `json:"notificationEvents"` // The notification type. // // - `Command` : Receive notification when the status of a command changes. // - `Invocation` : For commands sent to multiple instances, receive notification on a per-instance basis when the status of a command changes. NotificationType *string `json:"notificationType"` }
The `NotificationConfig` property type specifies configurations for sending notifications for a maintenance window task in AWS Systems Manager .
`NotificationConfig` is a property of the [MaintenanceWindowRunCommandParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-maintenancewindowruncommandparameters.html) property type.
TODO: EXAMPLE
type CfnMaintenanceWindowTask_TargetProperty ¶
type CfnMaintenanceWindowTask_TargetProperty struct { // User-defined criteria for sending commands that target instances that meet the criteria. // // `Key` can be `InstanceIds` or `WindowTargetIds` . For more information about how to target instances within a maintenance window task, see [About 'register-task-with-maintenance-window' Options and Values](https://docs.aws.amazon.com/systems-manager/latest/userguide/register-tasks-options.html) in the *AWS Systems Manager User Guide* . Key *string `json:"key"` // User-defined criteria that maps to `Key` . // // For example, if you specify `InstanceIds` , you can specify `i-1234567890abcdef0,i-9876543210abcdef0` to run a command on two EC2 instances. For more information about how to target instances within a maintenance window task, see [About 'register-task-with-maintenance-window' Options and Values](https://docs.aws.amazon.com/systems-manager/latest/userguide/register-tasks-options.html) in the *AWS Systems Manager User Guide* . Values *[]*string `json:"values"` }
The `Target` property type specifies targets (either instances or window target IDs).
You specify instances by using `Key=InstanceIds,Values=< *instanceid1* >,< *instanceid2* >` . You specify window target IDs using `Key=WindowTargetIds,Values=< *window-target-id-1* >,< *window-target-id-2* >` for a maintenance window task in AWS Systems Manager .
`Target` is a property of the [AWS::SSM::MaintenanceWindowTask](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-maintenancewindowtask.html) property type.
> To use `resource-groups:Name` as the key for a maintenance window target, specify the resource group as a `AWS::SSM::MaintenanceWindowTarget` type, and use the `Ref` function to specify the target for `AWS::SSM::MaintenanceWindowTask` . For an example, see *Create a Run Command task that targets instances using a resource group name* in [AWS::SSM::MaintenanceWindowTask Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-maintenancewindowtask.html#aws-resource-ssm-maintenancewindowtask--examples) .
TODO: EXAMPLE
type CfnMaintenanceWindowTask_TaskInvocationParametersProperty ¶
type CfnMaintenanceWindowTask_TaskInvocationParametersProperty struct { // The parameters for an `AUTOMATION` task type. MaintenanceWindowAutomationParameters interface{} `json:"maintenanceWindowAutomationParameters"` // The parameters for a `LAMBDA` task type. MaintenanceWindowLambdaParameters interface{} `json:"maintenanceWindowLambdaParameters"` // The parameters for a `RUN_COMMAND` task type. MaintenanceWindowRunCommandParameters interface{} `json:"maintenanceWindowRunCommandParameters"` // The parameters for a `STEP_FUNCTIONS` task type. MaintenanceWindowStepFunctionsParameters interface{} `json:"maintenanceWindowStepFunctionsParameters"` }
The `TaskInvocationParameters` property type specifies the task execution parameters for a maintenance window task in AWS Systems Manager .
`TaskInvocationParameters` is a property of the [AWS::SSM::MaintenanceWindowTask](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-maintenancewindowtask.html) property type.
TODO: EXAMPLE
type CfnParameter ¶
type CfnParameter interface { awscdk.CfnResource awscdk.IInspectable AllowedPattern() *string SetAllowedPattern(val *string) AttrType() *string AttrValue() *string CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} CfnResourceType() *string CreationStack() *[]*string DataType() *string SetDataType(val *string) Description() *string SetDescription(val *string) LogicalId() *string Name() *string SetName(val *string) Node() constructs.Node Policies() *string SetPolicies(val *string) Ref() *string Stack() awscdk.Stack Tags() awscdk.TagManager Tier() *string SetTier(val *string) Type() *string SetType(val *string) UpdatedProperites() *map[string]interface{} Value() *string SetValue(val *string) AddDeletionOverride(path *string) AddDependsOn(target awscdk.CfnResource) AddMetadata(key *string, value interface{}) AddOverride(path *string, value interface{}) AddPropertyDeletionOverride(propertyPath *string) AddPropertyOverride(propertyPath *string, value interface{}) ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) GetAtt(attributeName *string) awscdk.Reference GetMetadata(key *string) interface{} Inspect(inspector awscdk.TreeInspector) OverrideLogicalId(newLogicalId *string) RenderProperties(props *map[string]interface{}) *map[string]interface{} ShouldSynthesize() *bool ToString() *string ValidateProperties(_properties interface{}) }
A CloudFormation `AWS::SSM::Parameter`.
The `AWS::SSM::Parameter` resource creates an SSM parameter in AWS Systems Manager Parameter Store.
> To create an SSM parameter, you must have the AWS Identity and Access Management ( IAM ) permissions `ssm:PutParameter` and `ssm:AddTagsToResource` . On stack creation, AWS CloudFormation adds the following three tags to the parameter: `aws:cloudformation:stack-name` , `aws:cloudformation:logical-id` , and `aws:cloudformation:stack-id` , in addition to any custom tags you specify. > > To add, update, or remove tags during stack update, you must have IAM permissions for both `ssm:AddTagsToResource` and `ssm:RemoveTagsFromResource` . For more information, see [Managing Access Using Policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/security-iam.html#security_iam_access-manage) in the *AWS Systems Manager User Guide* .
For information about valid values for parameters, see [Requirements and Constraints for Parameter Names](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-su-create.html#sysman-parameter-name-constraints) in the *AWS Systems Manager User Guide* and [PutParameter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PutParameter.html) in the *AWS Systems Manager API Reference* .
TODO: EXAMPLE
func NewCfnParameter ¶
func NewCfnParameter(scope constructs.Construct, id *string, props *CfnParameterProps) CfnParameter
Create a new `AWS::SSM::Parameter`.
type CfnParameterProps ¶
type CfnParameterProps struct { // The type of parameter. // // > AWS CloudFormation doesn't support creating a `SecureString` parameter type. // // *Allowed Values* : String | StringList Type *string `json:"type"` // The parameter value. Value *string `json:"value"` // A regular expression used to validate the parameter value. // // For example, for String types with values restricted to numbers, you can specify the following: `AllowedPattern=^\d+$` AllowedPattern *string `json:"allowedPattern"` // The data type of the parameter, such as `text` or `aws:ec2:image` . // // The default is `text` . DataType *string `json:"dataType"` // Information about the parameter. Description *string `json:"description"` // The name of the parameter. Name *string `json:"name"` // Information about the policies assigned to a parameter. // // [Assigning parameter policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-policies.html) in the *AWS Systems Manager User Guide* . Policies *string `json:"policies"` // Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). // // Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a Systems Manager parameter to identify the type of resource to which it applies, the environment, or the type of configuration data referenced by the parameter. Tags interface{} `json:"tags"` // The parameter tier. Tier *string `json:"tier"` }
Properties for defining a `CfnParameter`.
TODO: EXAMPLE
type CfnPatchBaseline ¶
type CfnPatchBaseline interface { awscdk.CfnResource awscdk.IInspectable ApprovalRules() interface{} SetApprovalRules(val interface{}) ApprovedPatches() *[]*string SetApprovedPatches(val *[]*string) ApprovedPatchesComplianceLevel() *string SetApprovedPatchesComplianceLevel(val *string) ApprovedPatchesEnableNonSecurity() interface{} SetApprovedPatchesEnableNonSecurity(val interface{}) CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} CfnResourceType() *string CreationStack() *[]*string Description() *string SetDescription(val *string) GlobalFilters() interface{} SetGlobalFilters(val interface{}) LogicalId() *string Name() *string SetName(val *string) Node() constructs.Node OperatingSystem() *string SetOperatingSystem(val *string) PatchGroups() *[]*string SetPatchGroups(val *[]*string) Ref() *string RejectedPatches() *[]*string SetRejectedPatches(val *[]*string) RejectedPatchesAction() *string SetRejectedPatchesAction(val *string) Sources() interface{} SetSources(val interface{}) Stack() awscdk.Stack Tags() awscdk.TagManager UpdatedProperites() *map[string]interface{} AddDeletionOverride(path *string) AddDependsOn(target awscdk.CfnResource) AddMetadata(key *string, value interface{}) AddOverride(path *string, value interface{}) AddPropertyDeletionOverride(propertyPath *string) AddPropertyOverride(propertyPath *string, value interface{}) ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) GetAtt(attributeName *string) awscdk.Reference GetMetadata(key *string) interface{} Inspect(inspector awscdk.TreeInspector) OverrideLogicalId(newLogicalId *string) RenderProperties(props *map[string]interface{}) *map[string]interface{} ShouldSynthesize() *bool ToString() *string ValidateProperties(_properties interface{}) }
A CloudFormation `AWS::SSM::PatchBaseline`.
The `AWS::SSM::PatchBaseline` resource defines the basic information for an AWS Systems Manager patch baseline. A patch baseline defines which patches are approved for installation on your instances.
For more information, see [CreatePatchBaseline](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreatePatchBaseline.html) in the *AWS Systems Manager API Reference* .
TODO: EXAMPLE
func NewCfnPatchBaseline ¶
func NewCfnPatchBaseline(scope constructs.Construct, id *string, props *CfnPatchBaselineProps) CfnPatchBaseline
Create a new `AWS::SSM::PatchBaseline`.
type CfnPatchBaselineProps ¶
type CfnPatchBaselineProps struct { // The name of the patch baseline. Name *string `json:"name"` // A set of rules used to include patches in the baseline. ApprovalRules interface{} `json:"approvalRules"` // A list of explicitly approved patches for the baseline. // // For information about accepted formats for lists of approved patches and rejected patches, see [About package name formats for approved and rejected patch lists](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-approved-rejected-package-name-formats.html) in the *AWS Systems Manager User Guide* . ApprovedPatches *[]*string `json:"approvedPatches"` // Defines the compliance level for approved patches. // // When an approved patch is reported as missing, this value describes the severity of the compliance violation. The default value is `UNSPECIFIED` . ApprovedPatchesComplianceLevel *string `json:"approvedPatchesComplianceLevel"` // Indicates whether the list of approved patches includes non-security updates that should be applied to the managed nodes. // // The default value is `false` . Applies to Linux managed nodes only. ApprovedPatchesEnableNonSecurity interface{} `json:"approvedPatchesEnableNonSecurity"` // A description of the patch baseline. Description *string `json:"description"` // A set of global filters used to include patches in the baseline. GlobalFilters interface{} `json:"globalFilters"` // Defines the operating system the patch baseline applies to. // // The default value is `WINDOWS` . OperatingSystem *string `json:"operatingSystem"` // The name of the patch group to be registered with the patch baseline. PatchGroups *[]*string `json:"patchGroups"` // A list of explicitly rejected patches for the baseline. // // For information about accepted formats for lists of approved patches and rejected patches, see [About package name formats for approved and rejected patch lists](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-approved-rejected-package-name-formats.html) in the *AWS Systems Manager User Guide* . RejectedPatches *[]*string `json:"rejectedPatches"` // The action for Patch Manager to take on patches included in the `RejectedPackages` list. // // - *`ALLOW_AS_DEPENDENCY`* : A package in the `Rejected` patches list is installed only if it is a dependency of another package. It is considered compliant with the patch baseline, and its status is reported as `InstalledOther` . This is the default action if no option is specified. // - *`BLOCK`* : Packages in the `RejectedPatches` list, and packages that include them as dependencies, aren't installed under any circumstances. If a package was installed before it was added to the Rejected patches list, it is considered non-compliant with the patch baseline, and its status is reported as `InstalledRejected` . RejectedPatchesAction *string `json:"rejectedPatchesAction"` // Information about the patches to use to update the managed nodes, including target operating systems and source repositories. // // Applies to Linux managed nodes only. Sources interface{} `json:"sources"` // Optional metadata that you assign to a resource. // // Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a patch baseline to identify the severity level of patches it specifies and the operating system family it applies to. Tags *[]*awscdk.CfnTag `json:"tags"` }
Properties for defining a `CfnPatchBaseline`.
TODO: EXAMPLE
type CfnPatchBaseline_PatchFilterGroupProperty ¶
type CfnPatchBaseline_PatchFilterGroupProperty struct {
// The set of patch filters that make up the group.
PatchFilters interface{} `json:"patchFilters"`
}
The `PatchFilterGroup` property type specifies a set of patch filters for an AWS Systems Manager patch baseline, typically used for approval rules for a Systems Manager patch baseline.
`PatchFilterGroup` is the property type for the `GlobalFilters` property of the [AWS::SSM::PatchBaseline](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-patchbaseline.html) resource and the `PatchFilterGroup` property of the [Rule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-patchbaseline-rule.html) property type.
TODO: EXAMPLE
type CfnPatchBaseline_PatchFilterProperty ¶
type CfnPatchBaseline_PatchFilterProperty struct { // The key for the filter. // // For information about valid keys, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* . Key *string `json:"key"` // The value for the filter key. // // For information about valid values for each key based on operating system type, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* . Values *[]*string `json:"values"` }
The `PatchFilter` property type defines a patch filter for an AWS Systems Manager patch baseline.
The `PatchFilters` property of the [PatchFilterGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-patchbaseline-patchfiltergroup.html) property type contains a list of `PatchFilter` property types.
You can view lists of valid values for the patch properties by running the `DescribePatchProperties` command. For more information, see [DescribePatchProperties](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribePatchProperties.html) in the *AWS Systems Manager API Reference* .
TODO: EXAMPLE
type CfnPatchBaseline_PatchSourceProperty ¶
type CfnPatchBaseline_PatchSourceProperty struct { // The value of the yum repo configuration. For example:. // // `[main]` // // `name=MyCustomRepository` // // `baseurl=https://my-custom-repository` // // `enabled=1` // // > For information about other options available for your yum repository configuration, see [dnf.conf(5)](https://docs.aws.amazon.com/https://man7.org/linux/man-pages/man5/dnf.conf.5.html) . Configuration *string `json:"configuration"` // The name specified to identify the patch source. Name *string `json:"name"` // The specific operating system versions a patch repository applies to, such as "Ubuntu16.04", "AmazonLinux2016.09", "RedhatEnterpriseLinux7.2" or "Suse12.7". For lists of supported product values, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* . Products *[]*string `json:"products"` }
`PatchSource` is the property type for the `Sources` resource of the [AWS::SSM::PatchBaseline](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-patchbaseline.html) resource.
The AWS CloudFormation `AWS::SSM::PatchSource` resource is used to provide information about the patches to use to update target instances, including target operating systems and source repository. Applies to Linux instances only.
TODO: EXAMPLE
type CfnPatchBaseline_RuleGroupProperty ¶
type CfnPatchBaseline_RuleGroupProperty struct {
// The rules that make up the rule group.
PatchRules interface{} `json:"patchRules"`
}
The `RuleGroup` property type specifies a set of rules that define the approval rules for an AWS Systems Manager patch baseline.
`RuleGroup` is the property type for the `ApprovalRules` property of the [AWS::SSM::PatchBaseline](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-patchbaseline.html) resource.
TODO: EXAMPLE
type CfnPatchBaseline_RuleProperty ¶
type CfnPatchBaseline_RuleProperty struct { // The number of days after the release date of each patch matched by the rule that the patch is marked as approved in the patch baseline. // // For example, a value of `7` means that patches are approved seven days after they are released. // // You must specify a value for `ApproveAfterDays` . // // Exception: Not supported on Debian Server or Ubuntu Server. ApproveAfterDays *float64 `json:"approveAfterDays"` // The cutoff date for auto approval of released patches. // // Any patches released on or before this date are installed automatically. Not supported on Debian Server or Ubuntu Server. // // Enter dates in the format `YYYY-MM-DD` . For example, `2021-12-31` . ApproveUntilDate *string `json:"approveUntilDate"` // A compliance severity level for all approved patches in a patch baseline. // // Valid compliance severity levels include the following: `UNSPECIFIED` , `CRITICAL` , `HIGH` , `MEDIUM` , `LOW` , and `INFORMATIONAL` . ComplianceLevel *string `json:"complianceLevel"` // For managed nodes identified by the approval rule filters, enables a patch baseline to apply non-security updates available in the specified repository. // // The default value is `false` . Applies to Linux managed nodes only. EnableNonSecurity interface{} `json:"enableNonSecurity"` // The patch filter group that defines the criteria for the rule. PatchFilterGroup interface{} `json:"patchFilterGroup"` }
The `Rule` property type specifies an approval rule for a Systems Manager patch baseline.
The `PatchRules` property of the [RuleGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-patchbaseline-rulegroup.html) property type contains a list of `Rule` property types.
TODO: EXAMPLE
type CfnResourceDataSync ¶
type CfnResourceDataSync interface { awscdk.CfnResource awscdk.IInspectable AttrSyncName() *string BucketName() *string SetBucketName(val *string) BucketPrefix() *string SetBucketPrefix(val *string) BucketRegion() *string SetBucketRegion(val *string) CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} CfnResourceType() *string CreationStack() *[]*string KmsKeyArn() *string SetKmsKeyArn(val *string) LogicalId() *string Node() constructs.Node Ref() *string S3Destination() interface{} SetS3Destination(val interface{}) Stack() awscdk.Stack SyncFormat() *string SetSyncFormat(val *string) SyncName() *string SetSyncName(val *string) SyncSource() interface{} SetSyncSource(val interface{}) SyncType() *string SetSyncType(val *string) UpdatedProperites() *map[string]interface{} AddDeletionOverride(path *string) AddDependsOn(target awscdk.CfnResource) AddMetadata(key *string, value interface{}) AddOverride(path *string, value interface{}) AddPropertyDeletionOverride(propertyPath *string) AddPropertyOverride(propertyPath *string, value interface{}) ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) GetAtt(attributeName *string) awscdk.Reference GetMetadata(key *string) interface{} Inspect(inspector awscdk.TreeInspector) OverrideLogicalId(newLogicalId *string) RenderProperties(props *map[string]interface{}) *map[string]interface{} ShouldSynthesize() *bool ToString() *string ValidateProperties(_properties interface{}) }
A CloudFormation `AWS::SSM::ResourceDataSync`.
The `AWS::SSM::ResourceDataSync` resource creates, updates, or deletes a resource data sync for AWS Systems Manager . A resource data sync helps you view data from multiple sources in a single location. Systems Manager offers two types of resource data sync: `SyncToDestination` and `SyncFromSource` .
You can configure Systems Manager Inventory to use the `SyncToDestination` type to synchronize Inventory data from multiple AWS Regions to a single Amazon S3 bucket.
You can configure Systems Manager Explorer to use the `SyncFromSource` type to synchronize operational work items (OpsItems) and operational data (OpsData) from multiple AWS Regions . This type can synchronize OpsItems and OpsData from multiple AWS accounts and Regions or from an `EntireOrganization` by using AWS Organizations .
A resource data sync is an asynchronous operation that returns immediately. After a successful initial sync is completed, the system continuously syncs data.
By default, data is not encrypted in Amazon S3 . We strongly recommend that you enable encryption in Amazon S3 to ensure secure data storage. We also recommend that you secure access to the Amazon S3 bucket by creating a restrictive bucket policy.
For more information, see [Configuring Inventory Collection](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-inventory-configuring.html#sysman-inventory-datasync) and [Setting Up Systems Manager Explorer to Display Data from Multiple Accounts and Regions](https://docs.aws.amazon.com/systems-manager/latest/userguide/Explorer-resource-data-sync.html) in the *AWS Systems Manager User Guide* .
Important: The following *Syntax* section shows all fields that are supported for a resource data sync. The *Examples* section below shows the recommended way to specify configurations for each sync type. Please see the *Examples* section when you create your resource data sync.
TODO: EXAMPLE
func NewCfnResourceDataSync ¶
func NewCfnResourceDataSync(scope constructs.Construct, id *string, props *CfnResourceDataSyncProps) CfnResourceDataSync
Create a new `AWS::SSM::ResourceDataSync`.
type CfnResourceDataSyncProps ¶
type CfnResourceDataSyncProps struct { // A name for the resource data sync. SyncName *string `json:"syncName"` // The name of the S3 bucket where the aggregated data is stored. BucketName *string `json:"bucketName"` // An Amazon S3 prefix for the bucket. BucketPrefix *string `json:"bucketPrefix"` // The AWS Region with the S3 bucket targeted by the resource data sync. BucketRegion *string `json:"bucketRegion"` // The ARN of an encryption key for a destination in Amazon S3 . // // You can use a KMS key to encrypt inventory data in Amazon S3 . You must specify a key that exist in the same region as the destination Amazon S3 bucket. KmsKeyArn *string `json:"kmsKeyArn"` // Configuration information for the target S3 bucket. S3Destination interface{} `json:"s3Destination"` // A supported sync format. // // The following format is currently supported: JsonSerDe SyncFormat *string `json:"syncFormat"` // Information about the source where the data was synchronized. SyncSource interface{} `json:"syncSource"` // The type of resource data sync. // // If `SyncType` is `SyncToDestination` , then the resource data sync synchronizes data to an S3 bucket. If the `SyncType` is `SyncFromSource` then the resource data sync synchronizes data from AWS Organizations or from multiple AWS Regions . SyncType *string `json:"syncType"` }
Properties for defining a `CfnResourceDataSync`.
TODO: EXAMPLE
type CfnResourceDataSync_AwsOrganizationsSourceProperty ¶
type CfnResourceDataSync_AwsOrganizationsSourceProperty struct { // If an AWS organization is present, this is either `OrganizationalUnits` or `EntireOrganization` . // // For `OrganizationalUnits` , the data is aggregated from a set of organization units. For `EntireOrganization` , the data is aggregated from the entire AWS organization. OrganizationSourceType *string `json:"organizationSourceType"` // The AWS Organizations organization units included in the sync. OrganizationalUnits *[]*string `json:"organizationalUnits"` }
Information about the `AwsOrganizationsSource` resource data sync source.
A sync source of this type can synchronize data from AWS Organizations or, if an AWS organization isn't present, from multiple AWS Regions .
TODO: EXAMPLE
type CfnResourceDataSync_S3DestinationProperty ¶
type CfnResourceDataSync_S3DestinationProperty struct { // The name of the S3 bucket where the aggregated data is stored. BucketName *string `json:"bucketName"` // The AWS Region with the S3 bucket targeted by the resource data sync. BucketRegion *string `json:"bucketRegion"` // A supported sync format. // // The following format is currently supported: JsonSerDe SyncFormat *string `json:"syncFormat"` // An Amazon S3 prefix for the bucket. BucketPrefix *string `json:"bucketPrefix"` // The ARN of an encryption key for a destination in Amazon S3. // // Must belong to the same Region as the destination S3 bucket. KmsKeyArn *string `json:"kmsKeyArn"` }
Information about the target S3 bucket for the resource data sync.
TODO: EXAMPLE
type CfnResourceDataSync_SyncSourceProperty ¶
type CfnResourceDataSync_SyncSourceProperty struct { // The `SyncSource` AWS Regions included in the resource data sync. SourceRegions *[]*string `json:"sourceRegions"` // The type of data source for the resource data sync. // // `SourceType` is either `AwsOrganizations` (if an organization is present in AWS Organizations ) or `SingleAccountMultiRegions` . SourceType *string `json:"sourceType"` // Information about the AwsOrganizationsSource resource data sync source. // // A sync source of this type can synchronize data from AWS Organizations . AwsOrganizationsSource interface{} `json:"awsOrganizationsSource"` // Whether to automatically synchronize and aggregate data from new AWS Regions when those Regions come online. IncludeFutureRegions interface{} `json:"includeFutureRegions"` }
Information about the source of the data included in the resource data sync.
TODO: EXAMPLE
type CommonStringParameterAttributes ¶
type CommonStringParameterAttributes struct { // The name of the parameter store value. // // This value can be a token or a concrete string. If it is a concrete string // and includes "/" it must also be prefixed with a "/" (fully-qualified). ParameterName *string `json:"parameterName"` // Indicates of the parameter name is a simple name (i.e. does not include "/" separators). // // This is only required only if `parameterName` is a token, which means we // are unable to detect if the name is simple or "path-like" for the purpose // of rendering SSM parameter ARNs. // // If `parameterName` is not specified, `simpleName` must be `true` (or // undefined) since the name generated by AWS CloudFormation is always a // simple name. SimpleName *bool `json:"simpleName"` }
Common attributes for string parameters.
TODO: EXAMPLE
type IParameter ¶
type IParameter interface { awscdk.IResource // Grants read (DescribeParameter, GetParameter, GetParameterHistory) permissions on the SSM Parameter. GrantRead(grantee awsiam.IGrantable) awsiam.Grant // Grants write (PutParameter) permissions on the SSM Parameter. GrantWrite(grantee awsiam.IGrantable) awsiam.Grant // The ARN of the SSM Parameter resource. ParameterArn() *string // The name of the SSM Parameter resource. ParameterName() *string // The type of the SSM Parameter resource. ParameterType() *string }
An SSM Parameter reference.
type IStringListParameter ¶
type IStringListParameter interface { IParameter // The parameter value. // // Value must not nest another parameter. Do not use {{}} in the value. Values in the array // cannot contain commas (“,“). StringListValue() *[]*string }
A StringList SSM Parameter.
func StringListParameter_FromStringListParameterName ¶
func StringListParameter_FromStringListParameterName(scope constructs.Construct, id *string, stringListParameterName *string) IStringListParameter
Imports an external parameter of type string list.
Returns a token and should not be parsed.
type IStringParameter ¶
type IStringParameter interface { IParameter // The parameter value. // // Value must not nest another parameter. Do not use {{}} in the value. StringValue() *string }
A String SSM Parameter.
func StringParameter_FromSecureStringParameterAttributes ¶
func StringParameter_FromSecureStringParameterAttributes(scope constructs.Construct, id *string, attrs *SecureStringParameterAttributes) IStringParameter
Imports a secure string parameter from the SSM parameter store.
func StringParameter_FromStringParameterAttributes ¶
func StringParameter_FromStringParameterAttributes(scope constructs.Construct, id *string, attrs *StringParameterAttributes) IStringParameter
Imports an external string parameter with name and optional version.
func StringParameter_FromStringParameterName ¶
func StringParameter_FromStringParameterName(scope constructs.Construct, id *string, stringParameterName *string) IStringParameter
Imports an external string parameter by name.
type ParameterDataType ¶
type ParameterDataType string
SSM parameter data type.
const ( ParameterDataType_TEXT ParameterDataType = "TEXT" ParameterDataType_AWS_EC2_IMAGE ParameterDataType = "AWS_EC2_IMAGE" )
type ParameterOptions ¶
type ParameterOptions struct { // A regular expression used to validate the parameter value. // // For example, for String types with values restricted to // numbers, you can specify the following: “^\d+$“ AllowedPattern *string `json:"allowedPattern"` // Information about the parameter that you want to add to the system. Description *string `json:"description"` // The name of the parameter. ParameterName *string `json:"parameterName"` // Indicates of the parameter name is a simple name (i.e. does not include "/" separators). // // This is only required only if `parameterName` is a token, which means we // are unable to detect if the name is simple or "path-like" for the purpose // of rendering SSM parameter ARNs. // // If `parameterName` is not specified, `simpleName` must be `true` (or // undefined) since the name generated by AWS CloudFormation is always a // simple name. SimpleName *bool `json:"simpleName"` // The tier of the string parameter. Tier ParameterTier `json:"tier"` }
Properties needed to create a new SSM Parameter.
TODO: EXAMPLE
type ParameterTier ¶
type ParameterTier string
SSM parameter tier.
TODO: EXAMPLE
const ( ParameterTier_ADVANCED ParameterTier = "ADVANCED" ParameterTier_INTELLIGENT_TIERING ParameterTier = "INTELLIGENT_TIERING" ParameterTier_STANDARD ParameterTier = "STANDARD" )
type ParameterType ¶
type ParameterType string
SSM parameter type.
const ( ParameterType_STRING ParameterType = "STRING" ParameterType_SECURE_STRING ParameterType = "SECURE_STRING" ParameterType_STRING_LIST ParameterType = "STRING_LIST" ParameterType_AWS_EC2_IMAGE_ID ParameterType = "AWS_EC2_IMAGE_ID" )
type SecureStringParameterAttributes ¶
type SecureStringParameterAttributes struct { // The name of the parameter store value. // // This value can be a token or a concrete string. If it is a concrete string // and includes "/" it must also be prefixed with a "/" (fully-qualified). ParameterName *string `json:"parameterName"` // Indicates of the parameter name is a simple name (i.e. does not include "/" separators). // // This is only required only if `parameterName` is a token, which means we // are unable to detect if the name is simple or "path-like" for the purpose // of rendering SSM parameter ARNs. // // If `parameterName` is not specified, `simpleName` must be `true` (or // undefined) since the name generated by AWS CloudFormation is always a // simple name. SimpleName *bool `json:"simpleName"` // The encryption key that is used to encrypt this parameter. EncryptionKey awskms.IKey `json:"encryptionKey"` // The version number of the value you wish to retrieve. Version *float64 `json:"version"` }
Attributes for secure string parameters.
TODO: EXAMPLE
type StringListParameter ¶
type StringListParameter interface { awscdk.Resource IParameter IStringListParameter EncryptionKey() awskms.IKey Env() *awscdk.ResourceEnvironment Node() constructs.Node ParameterArn() *string ParameterName() *string ParameterType() *string PhysicalName() *string Stack() awscdk.Stack StringListValue() *[]*string ApplyRemovalPolicy(policy awscdk.RemovalPolicy) GeneratePhysicalName() *string GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string GetResourceNameAttribute(nameAttr *string) *string GrantRead(grantee awsiam.IGrantable) awsiam.Grant GrantWrite(grantee awsiam.IGrantable) awsiam.Grant ToString() *string }
Creates a new StringList SSM Parameter.
TODO: EXAMPLE
func NewStringListParameter ¶
func NewStringListParameter(scope constructs.Construct, id *string, props *StringListParameterProps) StringListParameter
type StringListParameterProps ¶
type StringListParameterProps struct { // A regular expression used to validate the parameter value. // // For example, for String types with values restricted to // numbers, you can specify the following: “^\d+$“ AllowedPattern *string `json:"allowedPattern"` // Information about the parameter that you want to add to the system. Description *string `json:"description"` // The name of the parameter. ParameterName *string `json:"parameterName"` // Indicates of the parameter name is a simple name (i.e. does not include "/" separators). // // This is only required only if `parameterName` is a token, which means we // are unable to detect if the name is simple or "path-like" for the purpose // of rendering SSM parameter ARNs. // // If `parameterName` is not specified, `simpleName` must be `true` (or // undefined) since the name generated by AWS CloudFormation is always a // simple name. SimpleName *bool `json:"simpleName"` // The tier of the string parameter. Tier ParameterTier `json:"tier"` // The values of the parameter. // // It may not reference another parameter and “{{}}“ cannot be used in the value. StringListValue *[]*string `json:"stringListValue"` }
Properties needed to create a StringList SSM Parameter.
TODO: EXAMPLE
type StringParameter ¶
type StringParameter interface { awscdk.Resource IParameter IStringParameter EncryptionKey() awskms.IKey Env() *awscdk.ResourceEnvironment Node() constructs.Node ParameterArn() *string ParameterName() *string ParameterType() *string PhysicalName() *string Stack() awscdk.Stack StringValue() *string ApplyRemovalPolicy(policy awscdk.RemovalPolicy) GeneratePhysicalName() *string GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string GetResourceNameAttribute(nameAttr *string) *string GrantRead(grantee awsiam.IGrantable) awsiam.Grant GrantWrite(grantee awsiam.IGrantable) awsiam.Grant ToString() *string }
Creates a new String SSM Parameter.
TODO: EXAMPLE
func NewStringParameter ¶
func NewStringParameter(scope constructs.Construct, id *string, props *StringParameterProps) StringParameter
type StringParameterAttributes ¶
type StringParameterAttributes struct { // The name of the parameter store value. // // This value can be a token or a concrete string. If it is a concrete string // and includes "/" it must also be prefixed with a "/" (fully-qualified). ParameterName *string `json:"parameterName"` // Indicates of the parameter name is a simple name (i.e. does not include "/" separators). // // This is only required only if `parameterName` is a token, which means we // are unable to detect if the name is simple or "path-like" for the purpose // of rendering SSM parameter ARNs. // // If `parameterName` is not specified, `simpleName` must be `true` (or // undefined) since the name generated by AWS CloudFormation is always a // simple name. SimpleName *bool `json:"simpleName"` // The type of the string parameter. Type ParameterType `json:"type"` // The version number of the value you wish to retrieve. Version *float64 `json:"version"` }
Attributes for parameters of various types of string.
TODO: EXAMPLE
See: ParameterType
type StringParameterProps ¶
type StringParameterProps struct { // A regular expression used to validate the parameter value. // // For example, for String types with values restricted to // numbers, you can specify the following: “^\d+$“ AllowedPattern *string `json:"allowedPattern"` // Information about the parameter that you want to add to the system. Description *string `json:"description"` // The name of the parameter. ParameterName *string `json:"parameterName"` // Indicates of the parameter name is a simple name (i.e. does not include "/" separators). // // This is only required only if `parameterName` is a token, which means we // are unable to detect if the name is simple or "path-like" for the purpose // of rendering SSM parameter ARNs. // // If `parameterName` is not specified, `simpleName` must be `true` (or // undefined) since the name generated by AWS CloudFormation is always a // simple name. SimpleName *bool `json:"simpleName"` // The tier of the string parameter. Tier ParameterTier `json:"tier"` // The value of the parameter. // // It may not reference another parameter and “{{}}“ cannot be used in the value. StringValue *string `json:"stringValue"` // The data type of the parameter, such as `text` or `aws:ec2:image`. DataType ParameterDataType `json:"dataType"` // The type of the string parameter. Type ParameterType `json:"type"` }
Properties needed to create a String SSM parameter.
TODO: EXAMPLE