Git Product home page Git Product logo

terraform-aws-ssm-parameter's Introduction

AWS SSM Parameter Store Terraform module

Terraform module which creates AWS SSM Parameters on AWS.

SWUbanner

Available Features

  • One of multiple SSM Parameters can be created
  • Value type guesser
  • Allow SSM Parameter to ignore changes in the value
  • Wrapper module which allows managing multiple resources with less code

Usage

Parameter as String

module "string" {
  source  = "terraform-aws-modules/ssm-parameter/aws"

  name  = "my-parameter"
  value = "some-value"
}

Parameter as SecureString

module "secret" {
  source  = "terraform-aws-modules/ssm-parameter/aws"

  name        = "my-secret-token"
  value       = "secret123123!!!"
  secure_type = true
}

Parameter as StringList

module "list" {
  source  = "terraform-aws-modules/ssm-parameter/aws"

  name   = "my-list-parameter"
  values = ["item1", "item2"] # "values" not "value"
}

Parameter with ignored value changes

module "list" {
  source  = "terraform-aws-modules/ssm-parameter/aws"

  ignore_value_changes = true

  name  = "my-parameter-ignore-value-changes"
  value = "some-value"
}

Multiple parameters

locals {
  parameters = {
    #########
    # String
    #########
    "string_simple" = {
      value = "string_value123"
    }
    "string" = {
      type            = "String"
      value           = "string_value123"
      tier            = "Intelligent-Tiering"
      allowed_pattern = "[a-z0-9_]+"
    }

    ###############
    # SecureString
    ###############
    "secure" = {
      type        = "SecureString"
      value       = "secret123123!!!"
      tier        = "Advanced"
      description = "My awesome password!"
    }
    "secure_encrypted_true" = {
      secure_type = true
      value       = "secret123123!!!"
      key_id      = "c938de44-1c09-4c91-89fd-b5881f06f317"
    }

    #############
    # StringList
    #############
    "list_as_autoguess_type" = {
      values = ["item1", "item2"]
    }
    "list_as_jsonencoded_string" = {
      type  = "StringList"
      value = jsonencode(["item1", "item2"])
    }
    "list_as_plain_string" = {
      type  = "StringList"
      value = "item1,item2"
    }
    "list_as_autoconvert_values" = {
      type   = "StringList"
      values = ["item1", "item2"]
    }
    "list_empty_as_jsonencoded_string" = {
      type  = "StringList"
      value = jsonencode([])
    }
  }
}

module "multiple" {
  source  = "terraform-aws-modules/ssm-parameter/aws"

  for_each = local.parameters

  name            = try(each.value.name, each.key)
  value           = try(each.value.value, null)
  values          = try(each.value.values, [])
  type            = try(each.value.type, null)
  secure_type     = try(each.value.secure_type, null)
  description     = try(each.value.description, null)
  tier            = try(each.value.tier, null)
  key_id          = try(each.value.key_id, null)
  allowed_pattern = try(each.value.allowed_pattern, null)
  data_type       = try(each.value.data_type, null)
}

Module wrappers

Users of this Terraform module can create multiple similar resources by using for_each meta-argument within module block which became available in Terraform 0.13.

Users of Terragrunt can achieve similar results by using modules provided in the wrappers directory, if they prefer to reduce amount of configuration files.

Examples

  • Complete - shows all possible ways to create parameters.

Conditional Creation

The following values are provided to toggle on/off creation of the associated resources as desired:

module "parameter" {
  source  = "terraform-aws-modules/ssm-parameter/aws"

  # Disable creation of all resources
  create = false

  # ... omitted
}

Requirements

Name Version
terraform >= 1.0
aws >= 4.37

Providers

Name Version
aws >= 4.37

Modules

No modules.

Resources

Name Type
aws_ssm_parameter.ignore_value resource
aws_ssm_parameter.this resource

Inputs

Name Description Type Default Required
allowed_pattern Regular expression used to validate the parameter value. string null no
create Whether to create SSM Parameter bool true no
data_type Data type of the parameter. Valid values: text, aws:ssm:integration and aws:ec2:image for AMI format. string null no
description Description of the parameter string null no
ignore_value_changes Whether to create SSM Parameter and ignore changes in value bool false no
key_id KMS key ID or ARN for encrypting a parameter (when type is SecureString) string null no
name Name of SSM parameter string null no
secure_type Whether the type of the value should be considered as secure or not? bool false no
tags A mapping of tags to assign to resources map(string) {} no
tier Parameter tier to assign to the parameter. If not specified, will use the default parameter tier for the region. Valid tiers are Standard, Advanced, and Intelligent-Tiering. Downgrading an Advanced tier parameter to Standard will recreate the resource. string null no
type Type of the parameter. Valid types are String, StringList and SecureString. string null no
value Value of the parameter string null no
values List of values of the parameter (will be jsonencoded to store as string natively in SSM) list(string) [] no

Outputs

Name Description
insecure_value Insecure value of the parameter
raw_value Raw value of the parameter (as it is stored in SSM). Use 'value' output to get jsondecode'd value
secure_type Whether SSM parameter is a SecureString or not?
secure_value Secure value of the parameter
ssm_parameter_arn The ARN of the parameter
ssm_parameter_name Name of the parameter
ssm_parameter_tags_all All tags used for the parameter
ssm_parameter_type Type of the parameter
ssm_parameter_version Version of the parameter
value Parameter value after jsondecode(). Probably this is what you are looking for

Authors

Module is maintained by Anton Babenko with help from these awesome contributors.

License

Apache 2 Licensed. See LICENSE for full details.

terraform-aws-ssm-parameter's People

Contributors

antonbabenko avatar semantic-release-bot avatar yujunz avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    πŸ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. πŸ“ŠπŸ“ˆπŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❀️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.