@pulumi/aws
Version:
A Pulumi package for creating and managing Amazon Web Services (AWS) cloud resources.
283 lines (282 loc) • 13.3 kB
TypeScript
import * as pulumi from "@pulumi/pulumi";
import * as enums from "../types/enums";
/**
* Provides an SSM Parameter resource.
*
* > **Note:** The `overwrite` argument makes it possible to overwrite an existing SSM Parameter created outside of IAC.
*
* ## Example Usage
*
* ### Basic example
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const foo = new aws.ssm.Parameter("foo", {
* name: "foo",
* type: aws.ssm.ParameterType.String,
* value: "bar",
* });
* ```
*
* ### Encrypted string using default SSM KMS key
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as aws from "@pulumi/aws";
*
* const _default = new aws.rds.Instance("default", {
* allocatedStorage: 10,
* storageType: aws.rds.StorageType.GP2,
* engine: "mysql",
* engineVersion: "5.7.16",
* instanceClass: aws.rds.InstanceType.T2_Micro,
* dbName: "mydb",
* username: "foo",
* password: databaseMasterPassword,
* dbSubnetGroupName: "my_database_subnet_group",
* parameterGroupName: "default.mysql5.7",
* });
* const secret = new aws.ssm.Parameter("secret", {
* name: "/production/database/password/master",
* description: "The parameter description",
* type: aws.ssm.ParameterType.SecureString,
* value: databaseMasterPassword,
* tags: {
* environment: "production",
* },
* });
* ```
*
* ## Import
*
* Using `pulumi import`, import SSM Parameters using the parameter store `name`. For example:
*
* ```sh
* $ pulumi import aws:ssm/parameter:Parameter my_param /my_path/my_paramname
* ```
*/
export declare class Parameter extends pulumi.CustomResource {
/**
* Get an existing Parameter resource's state with the given name, ID, and optional extra
* properties used to qualify the lookup.
*
* @param name The _unique_ name of the resulting resource.
* @param id The _unique_ provider ID of the resource to lookup.
* @param state Any extra arguments used during the lookup.
* @param opts Optional settings to control the behavior of the CustomResource.
*/
static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ParameterState, opts?: pulumi.CustomResourceOptions): Parameter;
/**
* Returns true if the given object is an instance of Parameter. This is designed to work even
* when multiple copies of the Pulumi SDK have been loaded into the same process.
*/
static isInstance(obj: any): obj is Parameter;
/**
* Regular expression used to validate the parameter value.
*/
readonly allowedPattern: pulumi.Output<string | undefined>;
/**
* ARN of the parameter.
*/
readonly arn: pulumi.Output<string>;
/**
* Data type of the parameter. Valid values: `text`, `aws:ssm:integration` and `aws:ec2:image` for AMI format, see the [Native parameter support for Amazon Machine Image IDs](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-ec2-aliases.html).
*/
readonly dataType: pulumi.Output<string>;
/**
* Description of the parameter.
*/
readonly description: pulumi.Output<string | undefined>;
/**
* Value of the parameter. **Use caution:** This value is _never_ marked as sensitive in the pulumi preview output. This argument is not valid with a `type` of `SecureString`.
*/
readonly insecureValue: pulumi.Output<string>;
/**
* KMS key ID or ARN for encrypting a SecureString.
*/
readonly keyId: pulumi.Output<string>;
/**
* Name of the parameter. If the name contains a path (e.g., any forward slashes (`/`)), it must be fully qualified with a leading forward slash (`/`). For additional requirements and constraints, see the [AWS SSM User Guide](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-parameter-name-constraints.html).
*/
readonly name: pulumi.Output<string>;
/**
* Overwrite an existing parameter. If not specified, defaults to `false` during create operations to avoid overwriting existing resources and then `true` for all subsequent operations once the resource is managed by IAC. Lifecycle rules should be used to manage non-standard update behavior.
*/
readonly overwrite: pulumi.Output<boolean | undefined>;
/**
* Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
*/
readonly region: pulumi.Output<string>;
/**
* Map of tags to assign to the object. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
readonly tags: pulumi.Output<{
[key: string]: string;
} | undefined>;
/**
* Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
*/
readonly tagsAll: pulumi.Output<{
[key: string]: string;
}>;
/**
* Parameter tier to assign to the parameter. If not specified, will use the default parameter tier for the region. Valid tiers are `Standard`, `Advanced`, and `Intelligent-Tiering`. Downgrading an `Advanced` tier parameter to `Standard` will recreate the resource. For more information on parameter tiers, see the [AWS SSM Parameter tier comparison and guide](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-advanced-parameters.html).
*/
readonly tier: pulumi.Output<string>;
/**
* Type of the parameter. Valid types are `String`, `StringList` and `SecureString`.
*
* The following arguments are optional:
*/
readonly type: pulumi.Output<string>;
/**
* Value of the parameter. This value is always marked as sensitive in the pulumi preview output, regardless of `type
*/
readonly value: pulumi.Output<string>;
/**
* Version of the parameter.
*/
readonly version: pulumi.Output<number>;
/**
* Create a Parameter resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
constructor(name: string, args: ParameterArgs, opts?: pulumi.CustomResourceOptions);
}
/**
* Input properties used for looking up and filtering Parameter resources.
*/
export interface ParameterState {
/**
* Regular expression used to validate the parameter value.
*/
allowedPattern?: pulumi.Input<string>;
/**
* ARN of the parameter.
*/
arn?: pulumi.Input<string>;
/**
* Data type of the parameter. Valid values: `text`, `aws:ssm:integration` and `aws:ec2:image` for AMI format, see the [Native parameter support for Amazon Machine Image IDs](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-ec2-aliases.html).
*/
dataType?: pulumi.Input<string>;
/**
* Description of the parameter.
*/
description?: pulumi.Input<string>;
/**
* Value of the parameter. **Use caution:** This value is _never_ marked as sensitive in the pulumi preview output. This argument is not valid with a `type` of `SecureString`.
*/
insecureValue?: pulumi.Input<string>;
/**
* KMS key ID or ARN for encrypting a SecureString.
*/
keyId?: pulumi.Input<string>;
/**
* Name of the parameter. If the name contains a path (e.g., any forward slashes (`/`)), it must be fully qualified with a leading forward slash (`/`). For additional requirements and constraints, see the [AWS SSM User Guide](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-parameter-name-constraints.html).
*/
name?: pulumi.Input<string>;
/**
* Overwrite an existing parameter. If not specified, defaults to `false` during create operations to avoid overwriting existing resources and then `true` for all subsequent operations once the resource is managed by IAC. Lifecycle rules should be used to manage non-standard update behavior.
*/
overwrite?: pulumi.Input<boolean>;
/**
* Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
*/
region?: pulumi.Input<string>;
/**
* Map of tags to assign to the object. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
tags?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
*/
tagsAll?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Parameter tier to assign to the parameter. If not specified, will use the default parameter tier for the region. Valid tiers are `Standard`, `Advanced`, and `Intelligent-Tiering`. Downgrading an `Advanced` tier parameter to `Standard` will recreate the resource. For more information on parameter tiers, see the [AWS SSM Parameter tier comparison and guide](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-advanced-parameters.html).
*/
tier?: pulumi.Input<string>;
/**
* Type of the parameter. Valid types are `String`, `StringList` and `SecureString`.
*
* The following arguments are optional:
*/
type?: pulumi.Input<string | enums.ssm.ParameterType>;
/**
* Value of the parameter. This value is always marked as sensitive in the pulumi preview output, regardless of `type
*/
value?: pulumi.Input<string>;
/**
* Version of the parameter.
*/
version?: pulumi.Input<number>;
}
/**
* The set of arguments for constructing a Parameter resource.
*/
export interface ParameterArgs {
/**
* Regular expression used to validate the parameter value.
*/
allowedPattern?: pulumi.Input<string>;
/**
* ARN of the parameter.
*/
arn?: pulumi.Input<string>;
/**
* Data type of the parameter. Valid values: `text`, `aws:ssm:integration` and `aws:ec2:image` for AMI format, see the [Native parameter support for Amazon Machine Image IDs](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-ec2-aliases.html).
*/
dataType?: pulumi.Input<string>;
/**
* Description of the parameter.
*/
description?: pulumi.Input<string>;
/**
* Value of the parameter. **Use caution:** This value is _never_ marked as sensitive in the pulumi preview output. This argument is not valid with a `type` of `SecureString`.
*/
insecureValue?: pulumi.Input<string>;
/**
* KMS key ID or ARN for encrypting a SecureString.
*/
keyId?: pulumi.Input<string>;
/**
* Name of the parameter. If the name contains a path (e.g., any forward slashes (`/`)), it must be fully qualified with a leading forward slash (`/`). For additional requirements and constraints, see the [AWS SSM User Guide](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-parameter-name-constraints.html).
*/
name?: pulumi.Input<string>;
/**
* Overwrite an existing parameter. If not specified, defaults to `false` during create operations to avoid overwriting existing resources and then `true` for all subsequent operations once the resource is managed by IAC. Lifecycle rules should be used to manage non-standard update behavior.
*/
overwrite?: pulumi.Input<boolean>;
/**
* Region where this resource will be [managed](https://docs.aws.amazon.com/general/latest/gr/rande.html#regional-endpoints). Defaults to the Region set in the provider configuration.
*/
region?: pulumi.Input<string>;
/**
* Map of tags to assign to the object. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level.
*/
tags?: pulumi.Input<{
[key: string]: pulumi.Input<string>;
}>;
/**
* Parameter tier to assign to the parameter. If not specified, will use the default parameter tier for the region. Valid tiers are `Standard`, `Advanced`, and `Intelligent-Tiering`. Downgrading an `Advanced` tier parameter to `Standard` will recreate the resource. For more information on parameter tiers, see the [AWS SSM Parameter tier comparison and guide](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-advanced-parameters.html).
*/
tier?: pulumi.Input<string>;
/**
* Type of the parameter. Valid types are `String`, `StringList` and `SecureString`.
*
* The following arguments are optional:
*/
type: pulumi.Input<string | enums.ssm.ParameterType>;
/**
* Value of the parameter. This value is always marked as sensitive in the pulumi preview output, regardless of `type
*/
value?: pulumi.Input<string>;
}