parameters
Creates, updates, deletes or gets a parameter resource or lists parameters in a region
Overview
| Name | parameters |
| Type | Resource |
| Description | The ``AWS::SSM::Parameter`` resource creates an SSM parameter in SYSlong Parameter Store. To create an SSM parameter, you must have the IAMlong (IAM) permissions ``ssm:PutParameter`` and ``ssm:AddTagsToResource``. On stack creation, CFNlong adds the following three tags to the parameter: ``aws:cloudformation:stack-name``, ``aws:cloudformation:logical-id``, and ``aws:cloudformation:stack-id``, in addition to any custom tags you specify. To add, update, or remove tags during stack update, you must have IAM permissions for both ``ssm:AddTagsToResource`` and ``ssm:RemoveTagsFromResource``. For more information, see [Managing access using policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/security-iam.html#security_iam_access-manage) in the *User Guide*. For information about valid values for parameters, see [About requirements and constraints for parameter names](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-su-create.html#sysman-parameter-name-constraints) in the *User Guide* and [PutParameter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PutParameter.html) in the *API Reference*. |
| Id | awscc.ssm.parameters |
Fields
| Name | Datatype | Description |
|---|---|---|
type | string | The type of parameter.<br />Parameters of type ``SecureString`` are not supported by CFNlong. |
value | string | The parameter value.<br />If type is ``StringList``, the system returns a comma-separated string with no spaces between commas in the ``Value`` field. |
description | string | Information about the parameter. |
policies | string | Information about the policies assigned to a parameter.<br />[Assigning parameter policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-policies.html) in the *User Guide*. |
allowed_pattern | string | A regular expression used to validate the parameter value. For example, for ``String`` types with values restricted to numbers, you can specify the following: ``AllowedPattern=^\d+$`` |
tier | string | The parameter tier. |
tags | object | Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a SYS parameter to identify the type of resource to which it applies, the environment, or the type of configuration data referenced by the parameter. |
data_type | string | The data type of the parameter, such as ``text`` or ``aws:ec2:image``. The default is ``text``. |
name | string | The name of the parameter.<br />The reported maximum length of 2048 characters for a parameter name includes 1037 characters that are reserved for internal use by SYS. The maximum length for a parameter name that you specify is 1011 characters.<br />This count of 1011 characters includes the characters in the ARN that precede the name you specify. This ARN length will vary depending on your partition and Region. For example, the following 45 characters count toward the 1011 character maximum for a parameter created in the US East (Ohio) Region: ``arn:aws:ssm:us-east-2:111122223333:parameter/``. |
region | string | AWS region. |
For more information, see AWS::SSM::Parameter.
Methods
| Name | Accessible by | Required Params |
|---|---|---|
create_resource | INSERT | Value, Type, region |
delete_resource | DELETE | data__Identifier, region |
update_resource | UPDATE | data__Identifier, data__PatchDocument, region |
list_resources | SELECT | region |
get_resource | SELECT | data__Identifier, region |
SELECT examples
Gets all properties from an individual parameter.
SELECT
region,
type,
value,
description,
policies,
allowed_pattern,
tier,
tags,
data_type,
name
FROM awscc.ssm.parameters
WHERE region = 'us-east-1' AND data__Identifier = '<Name>';
INSERT example
Use the following StackQL query and manifest file to create a new parameter resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO awscc.ssm.parameters (
Type,
Value,
region
)
SELECT
'{{ Type }}',
'{{ Value }}',
'{{ region }}';
/*+ create */
INSERT INTO awscc.ssm.parameters (
Type,
Value,
Description,
Policies,
AllowedPattern,
Tier,
Tags,
DataType,
Name,
region
)
SELECT
'{{ Type }}',
'{{ Value }}',
'{{ Description }}',
'{{ Policies }}',
'{{ AllowedPattern }}',
'{{ Tier }}',
'{{ Tags }}',
'{{ DataType }}',
'{{ Name }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: parameter
props:
- name: Type
value: '{{ Type }}'
- name: Value
value: '{{ Value }}'
- name: Description
value: '{{ Description }}'
- name: Policies
value: '{{ Policies }}'
- name: AllowedPattern
value: '{{ AllowedPattern }}'
- name: Tier
value: '{{ Tier }}'
- name: Tags
value: {}
- name: DataType
value: '{{ DataType }}'
- name: Name
value: '{{ Name }}'
DELETE example
/*+ delete */
DELETE FROM awscc.ssm.parameters
WHERE data__Identifier = '<Name>'
AND region = 'us-east-1';
Permissions
To operate on the parameters resource, the following permissions are required:
Create
ssm:PutParameter,
ssm:AddTagsToResource,
ssm:GetParameters
Read
ssm:GetParameters,
ssm:ListTagsForResource
Update
ssm:PutParameter,
ssm:AddTagsToResource,
ssm:RemoveTagsFromResource,
ssm:GetParameters
Delete
ssm:DeleteParameter
List
ssm:DescribeParameters