parameters

Creates, updates, deletes or gets a parameter resource or lists parameters in a region

Overview

Name	`parameters`
Type	Resource
Description	The ``AWS::SSM::Parameter`` resource creates an SSM parameter in SYSlong Parameter Store. To create an SSM parameter, you must have the IAMlong (IAM) permissions ``ssm:PutParameter`` and ``ssm:AddTagsToResource``. On stack creation, CFNlong adds the following three tags to the parameter: ``aws:cloudformation:stack-name``, ``aws:cloudformation:logical-id``, and ``aws:cloudformation:stack-id``, in addition to any custom tags you specify. To add, update, or remove tags during stack update, you must have IAM permissions for both ``ssm:AddTagsToResource`` and ``ssm:RemoveTagsFromResource``. For more information, see [Managing access using policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/security-iam.html#security_iam_access-manage) in the User Guide. For information about valid values for parameters, see [About requirements and constraints for parameter names](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-su-create.html#sysman-parameter-name-constraints) in the User Guide and [PutParameter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PutParameter.html) in the API Reference.
Id	`awscc.ssm.parameters`

Fields

get (all properties)
list (identifiers only)

Name	Datatype	Description
`type`	`string`	The type of parameter.<br />Parameters of type ``SecureString`` are not supported by CFNlong.
`value`	`string`	The parameter value.<br />If type is ``StringList``, the system returns a comma-separated string with no spaces between commas in the ``Value`` field.
`description`	`string`	Information about the parameter.
`policies`	`string`	Information about the policies assigned to a parameter.<br />[Assigning parameter policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-policies.html) in the User Guide.
`allowed_pattern`	`string`	A regular expression used to validate the parameter value. For example, for ``String`` types with values restricted to numbers, you can specify the following: ``AllowedPattern=^\d+$``
`tier`	`string`	The parameter tier.
`tags`	`object`	Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a SYS parameter to identify the type of resource to which it applies, the environment, or the type of configuration data referenced by the parameter.
`data_type`	`string`	The data type of the parameter, such as ``text`` or ``aws:ec2:image``. The default is ``text``.
`name`	`string`	The name of the parameter.<br />The reported maximum length of 2048 characters for a parameter name includes 1037 characters that are reserved for internal use by SYS. The maximum length for a parameter name that you specify is 1011 characters.<br />This count of 1011 characters includes the characters in the ARN that precede the name you specify. This ARN length will vary depending on your partition and Region. For example, the following 45 characters count toward the 1011 character maximum for a parameter created in the US East (Ohio) Region: ``arn:aws:ssm:us-east-2:111122223333:parameter/``.
`region`	`string`	AWS region.

Name	Datatype	Description
`name`	`string`	The name of the parameter.<br />The reported maximum length of 2048 characters for a parameter name includes 1037 characters that are reserved for internal use by SYS. The maximum length for a parameter name that you specify is 1011 characters.<br />This count of 1011 characters includes the characters in the ARN that precede the name you specify. This ARN length will vary depending on your partition and Region. For example, the following 45 characters count toward the 1011 character maximum for a parameter created in the US East (Ohio) Region: ``arn:aws:ssm:us-east-2:111122223333:parameter/``.
`region`	`string`	AWS region.

For more information, see AWS::SSM::Parameter.

Methods

Name	Resource	Accessible by	Required Params
`create_resource`	`parameters`	`INSERT`	`Value, Type, region`
`delete_resource`	`parameters`	`DELETE`	`Identifier, region`
`update_resource`	`parameters`	`UPDATE`	`Identifier, PatchDocument, region`
`list_resources`	`parameters_list_only`	`SELECT`	`region`
`get_resource`	`parameters`	`SELECT`	`Identifier, region`

`SELECT` examples

get (all properties)
list (identifiers only)

Gets all properties from an individual parameter.

SELECT
  region,
  type,
  value,
  description,
  policies,
  allowed_pattern,
  tier,
  tags,
  data_type,
  name
FROM awscc.ssm.parameters
WHERE
  region = 'us-east-1' AND
  Identifier = '{{ name }}';

Lists all parameters in a region.

SELECT
  region,
  name
FROM awscc.ssm.parameters_list_only
WHERE
  region = 'us-east-1';

`INSERT` example

Use the following StackQL query and manifest file to create a new parameter resource, using stack-deploy.

Required Properties
All Properties
Manifest

/*+ create */
INSERT INTO awscc.ssm.parameters (
  Type,
  Value,
  region
)
SELECT
  '{{ type }}',
  '{{ value }}',
  '{{ region }}';

/*+ create */
INSERT INTO awscc.ssm.parameters (
  Type,
  Value,
  Description,
  Policies,
  AllowedPattern,
  Tier,
  Tags,
  DataType,
  Name,
  region
)
SELECT
  '{{ type }}',
  '{{ value }}',
  '{{ description }}',
  '{{ policies }}',
  '{{ allowed_pattern }}',
  '{{ tier }}',
  '{{ tags }}',
  '{{ data_type }}',
  '{{ name }}',
  '{{ region }}';

version: 1
name: stack name
description: stack description
providers:
  - aws
globals:
  - name: region
    value: '{{ vars.AWS_REGION }}'
resources:
  - name: parameter
    props:
      - name: type
        value: '{{ type }}'
      - name: value
        value: '{{ value }}'
      - name: description
        value: '{{ description }}'
      - name: policies
        value: '{{ policies }}'
      - name: allowed_pattern
        value: '{{ allowed_pattern }}'
      - name: tier
        value: '{{ tier }}'
      - name: tags
        value: {}
      - name: data_type
        value: '{{ data_type }}'
      - name: name
        value: '{{ name }}'

`UPDATE` example

Use the following StackQL query and manifest file to update a parameter resource, using stack-deploy.

/*+ update */
UPDATE awscc.ssm.parameters
SET PatchDocument = string('{{ {
    "Type": type,
    "Value": value,
    "Description": description,
    "Policies": policies,
    "AllowedPattern": allowed_pattern,
    "Tier": tier,
    "Tags": tags,
    "DataType": data_type
} | generate_patch_document }}')
WHERE
  region = '{{ region }}' AND
  Identifier = '{{ name }}';

`DELETE` example

/*+ delete */
DELETE FROM awscc.ssm.parameters
WHERE
  Identifier = '{{ name }}' AND
  region = 'us-east-1';

Permissions

To operate on the parameters resource, the following permissions are required:

Create
Read
Update
Delete
List

ssm:PutParameter,
ssm:AddTagsToResource,
ssm:GetParameters

ssm:GetParameters,
ssm:ListTagsForResource

ssm:PutParameter,
ssm:AddTagsToResource,
ssm:RemoveTagsFromResource,
ssm:GetParameters

ssm:DeleteParameter

ssm:DescribeParameters

Overview​

Fields​

Methods​

SELECT examples​

INSERT example​

UPDATE example​

DELETE example​

Permissions​