configuration_profiles
Creates, updates, deletes or gets a configuration_profile resource or lists configuration_profiles in a region
Overview
| Name | configuration_profiles |
| Type | Resource |
| Description | An example resource schema demonstrating some basic constructs and validation rules. |
| Id | awscc.appconfig.configuration_profiles |
Fields
- get (all properties)
- list (identifiers only)
| Name | Datatype | Description |
|---|---|---|
configuration_profile_id | string | The configuration profile ID |
location_uri | string | A URI to locate the configuration. You can specify the AWS AppConfig hosted configuration store, Systems Manager (SSM) document, an SSM Parameter Store parameter, or an Amazon S3 object. |
type | string | The type of configurations contained in the profile. When calling this API, enter one of the following values for Type: AWS.AppConfig.FeatureFlags, AWS.Freeform |
kms_key_identifier | string | The AWS Key Management Service key identifier (key ID, key alias, or key ARN) provided when the resource was created or updated. |
description | string | A description of the configuration profile. |
kms_key_arn | string | The Amazon Resource Name of the AWS Key Management Service key to encrypt new configuration data versions in the AWS AppConfig hosted configuration store. This attribute is only used for hosted configuration types. To encrypt data managed in other configuration stores, see the documentation for how to specify an AWS KMS key for that particular service. |
validators | array | A list of methods for validating the configuration. |
retrieval_role_arn | string | The ARN of an IAM role with permission to access the configuration at the specified LocationUri. |
deletion_protection_check | string | On resource deletion this controls whether the Deletion Protection check should be applied, bypassed, or (the default) whether the behavior should be controlled by the account-level Deletion Protection setting. See https://docs.aws.amazon.com/appconfig/latest/userguide/deletion-protection.html |
application_id | string | The application ID. |
tags | array | Metadata to assign to the configuration profile. Tags help organize and categorize your AWS AppConfig resources. Each tag consists of a key and an optional value, both of which you define. |
name | string | A name for the configuration profile. |
region | string | AWS region. |
| Name | Datatype | Description |
|---|---|---|
configuration_profile_id | string | The configuration profile ID |
application_id | string | The application ID. |
region | string | AWS region. |
For more information, see AWS::AppConfig::ConfigurationProfile.
Methods
| Name | Resource | Accessible by | Required Params |
|---|---|---|---|
create_resource | configuration_profiles | INSERT | LocationUri, ApplicationId, Name, region |
delete_resource | configuration_profiles | DELETE | Identifier, region |
update_resource | configuration_profiles | UPDATE | Identifier, PatchDocument, region |
list_resources | configuration_profiles_list_only | SELECT | region |
get_resource | configuration_profiles | SELECT | Identifier, region |
SELECT examples
- get (all properties)
- list (identifiers only)
Gets all properties from an individual configuration_profile.
SELECT
region,
configuration_profile_id,
location_uri,
type,
kms_key_identifier,
description,
kms_key_arn,
validators,
retrieval_role_arn,
deletion_protection_check,
application_id,
tags,
name
FROM awscc.appconfig.configuration_profiles
WHERE
region = 'us-east-1' AND
Identifier = '{{ application_id }}|{{ configuration_profile_id }}';
Lists all configuration_profiles in a region.
SELECT
region,
application_id,
configuration_profile_id
FROM awscc.appconfig.configuration_profiles_list_only
WHERE
region = 'us-east-1';
INSERT example
Use the following StackQL query and manifest file to create a new configuration_profile resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO awscc.appconfig.configuration_profiles (
LocationUri,
ApplicationId,
Name,
region
)
SELECT
'{{ location_uri }}',
'{{ application_id }}',
'{{ name }}',
'{{ region }}';
/*+ create */
INSERT INTO awscc.appconfig.configuration_profiles (
LocationUri,
Type,
KmsKeyIdentifier,
Description,
Validators,
RetrievalRoleArn,
DeletionProtectionCheck,
ApplicationId,
Tags,
Name,
region
)
SELECT
'{{ location_uri }}',
'{{ type }}',
'{{ kms_key_identifier }}',
'{{ description }}',
'{{ validators }}',
'{{ retrieval_role_arn }}',
'{{ deletion_protection_check }}',
'{{ application_id }}',
'{{ tags }}',
'{{ name }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: configuration_profile
props:
- name: location_uri
value: '{{ location_uri }}'
- name: type
value: '{{ type }}'
- name: kms_key_identifier
value: '{{ kms_key_identifier }}'
- name: description
value: '{{ description }}'
- name: validators
value:
- type: '{{ type }}'
content: '{{ content }}'
- name: retrieval_role_arn
value: '{{ retrieval_role_arn }}'
- name: deletion_protection_check
value: '{{ deletion_protection_check }}'
- name: application_id
value: '{{ application_id }}'
- name: tags
value:
- value: '{{ value }}'
key: '{{ key }}'
- name: name
value: '{{ name }}'
UPDATE example
Use the following StackQL query and manifest file to update a configuration_profile resource, using stack-deploy.
/*+ update */
UPDATE awscc.appconfig.configuration_profiles
SET PatchDocument = string('{{ {
"KmsKeyIdentifier": kms_key_identifier,
"Description": description,
"Validators": validators,
"RetrievalRoleArn": retrieval_role_arn,
"DeletionProtectionCheck": deletion_protection_check,
"Tags": tags,
"Name": name
} | generate_patch_document }}')
WHERE
region = '{{ region }}' AND
Identifier = '{{ application_id }}|{{ configuration_profile_id }}';
DELETE example
/*+ delete */
DELETE FROM awscc.appconfig.configuration_profiles
WHERE
Identifier = '{{ application_id }}|{{ configuration_profile_id }}' AND
region = 'us-east-1';
Permissions
To operate on the configuration_profiles resource, the following permissions are required:
- Read
- Create
- Update
- List
- Delete
appconfig:GetConfigurationProfile,
appconfig:ListTagsForResource
appconfig:CreateConfigurationProfile,
appconfig:GetConfigurationProfile,
appconfig:TagResource,
appconfig:ListTagsForResource,
iam:PassRole
appconfig:UpdateConfigurationProfile,
appconfig:TagResource,
appconfig:UntagResource,
iam:PassRole
appconfig:ListConfigurationProfiles
appconfig:DeleteConfigurationProfile