parameters

Creates, updates, deletes or gets a parameter resource or lists parameters in a region

Overview

Name	`parameters`
Type	Resource
Description	The `AWS::SSM::Parameter` resource creates an SSM parameter in SYSlong Parameter Store. To create an SSM parameter, you must have the IAMlong (IAM) permissions `ssm:PutParameter` and `ssm:AddTagsToResource`. On stack creation, CFNlong adds the following three tags to the parameter: `aws:cloudformation:stack-name`, `aws:cloudformation:logical-id`, and `aws:cloudformation:stack-id`, in addition to any custom tags you specify. To add, update, or remove tags during stack update, you must have IAM permissions for both `ssm:AddTagsToResource` and `ssm:RemoveTagsFromResource`. For more information, see [Managing Access Using Policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/security-iam.html#security_iam_access-manage) in the User Guide. For information about valid values for parameters, see [About requirements and constraints for parameter names](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-su-create.html#sysman-parameter-name-constraints) in the User Guide and [PutParameter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PutParameter.html) in the API Reference.
Id	`aws.ssm.parameters`

Fields

Name	Datatype	Description
`type`	`string`	The type of parameter.
`value`	`string`	The parameter value. If type is `StringList`, the system returns a comma-separated string with no spaces between commas in the `Value` field.
`description`	`string`	Information about the parameter.
`policies`	`string`	Information about the policies assigned to a parameter. [Assigning parameter policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-policies.html) in the User Guide.
`allowed_pattern`	`string`	A regular expression used to validate the parameter value. For example, for `String` types with values restricted to numbers, you can specify the following: `AllowedPattern=^\d+$`
`tier`	`string`	The parameter tier.
`tags`	`object`	Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs). Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a SYS parameter to identify the type of resource to which it applies, the environment, or the type of configuration data referenced by the parameter.
`data_type`	`string`	The data type of the parameter, such as `text` or `aws:ec2:image`. The default is `text`.
`name`	`string`	The name of the parameter. The maximum length constraint listed below includes capacity for additional system attributes that aren't part of the name. The maximum length for a parameter name, including the full length of the parameter Amazon Resource Name (ARN), is 1011 characters. For example, the length of the following parameter name is 65 characters, not 20 characters: `arn:aws:ssm:us-east-2:111222333444:parameter/ExampleParameterName`
`region`	`string`	AWS region.

Methods

Name	Accessible by	Required Params
`create_resource`	`INSERT`	`Value, Type, region`
`delete_resource`	`DELETE`	`data__Identifier, region`
`update_resource`	`UPDATE`	`data__Identifier, data__PatchDocument, region`
`list_resources`	`SELECT`	`region`
`get_resource`	`SELECT`	`data__Identifier, region`

`SELECT` examples

Gets all parameters in a region.

SELECT
region,
type,
value,
description,
policies,
allowed_pattern,
tier,
tags,
data_type,
name
FROM aws.ssm.parameters
WHERE region = 'us-east-1';

Gets all properties from an individual parameter.

SELECT
region,
type,
value,
description,
policies,
allowed_pattern,
tier,
tags,
data_type,
name
FROM aws.ssm.parameters
WHERE region = 'us-east-1' AND data__Identifier = '<Name>';

`INSERT` example

Use the following StackQL query and manifest file to create a new parameter resource, using stack-deploy.

Required Properties
All Properties
Manifest

/*+ create */
INSERT INTO aws.ssm.parameters (
 Type,
 Value,
 region
)
SELECT 
'{{ Type }}',
 '{{ Value }}',
'{{ region }}';

/*+ create */
INSERT INTO aws.ssm.parameters (
 Type,
 Value,
 Description,
 Policies,
 AllowedPattern,
 Tier,
 Tags,
 DataType,
 Name,
 region
)
SELECT 
 '{{ Type }}',
 '{{ Value }}',
 '{{ Description }}',
 '{{ Policies }}',
 '{{ AllowedPattern }}',
 '{{ Tier }}',
 '{{ Tags }}',
 '{{ DataType }}',
 '{{ Name }}',
 '{{ region }}';

version: 1
name: stack name
description: stack description
providers:
  - aws
globals:
  - name: region
    value: '{{ vars.AWS_REGION }}'
resources:
  - name: parameter
    props:
      - name: Type
        value: '{{ Type }}'
      - name: Value
        value: '{{ Value }}'
      - name: Description
        value: '{{ Description }}'
      - name: Policies
        value: '{{ Policies }}'
      - name: AllowedPattern
        value: '{{ AllowedPattern }}'
      - name: Tier
        value: '{{ Tier }}'
      - name: Tags
        value: {}
      - name: DataType
        value: '{{ DataType }}'
      - name: Name
        value: '{{ Name }}'

`DELETE` example

/*+ delete */
DELETE FROM aws.ssm.parameters
WHERE data__Identifier = '<Name>'
AND region = 'us-east-1';

Permissions

To operate on the parameters resource, the following permissions are required:

Create

ssm:PutParameter,
ssm:AddTagsToResource,
ssm:GetParameters

Read

ssm:GetParameters

Update

ssm:PutParameter,
ssm:AddTagsToResource,
ssm:RemoveTagsFromResource,
ssm:GetParameters

Delete

ssm:DeleteParameter

List

ssm:DescribeParameters

Overview​

Fields​

Methods​

SELECT examples​

INSERT example​

DELETE example​

Permissions​

Create​

Read​

Update​

Delete​

List​