Generic module to creates SSM Parameters for AWS.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

README.md 8.5KB

2 years ago
1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889
  1. # terraform-module-aws-ssm-parameters
  2. Generic module to creates SSM Parameters for AWS.
  3. <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
  4. ## Requirements
  5. | Name | Version |
  6. |------|---------|
  7. | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 0.14 |
  8. | <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 3.0 |
  9. ## Providers
  10. | Name | Version |
  11. |------|---------|
  12. | <a name="provider_aws"></a> [aws](#provider\_aws) | >= 3.0 |
  13. ## Modules
  14. No modules.
  15. ## Resources
  16. | Name | Type |
  17. |------|------|
  18. | [aws_iam_policy.read_only](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
  19. | [aws_iam_policy.read_write](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/iam_policy) | resource |
  20. | [aws_kms_alias.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_alias) | resource |
  21. | [aws_kms_key.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/kms_key) | resource |
  22. | [aws_ssm_parameter.do_not_ignore_changes_on_value](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource |
  23. | [aws_ssm_parameter.ignore_changes_on_value](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/ssm_parameter) | resource |
  24. | [aws_caller_identity.current](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/caller_identity) | data source |
  25. | [aws_iam_policy_document.kms_key_read_only](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
  26. | [aws_iam_policy_document.kms_key_read_write](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
  27. | [aws_iam_policy_document.read_only](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
  28. | [aws_iam_policy_document.read_write](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
  29. ## Inputs
  30. | Name | Description | Type | Default | Required |
  31. |------|-------------|------|---------|:--------:|
  32. | <a name="input_allowed_patterns"></a> [allowed\_patterns](#input\_allowed\_patterns) | List of regular expression used to validate the parameter value. | `list` | `[]` | no |
  33. | <a name="input_descriptions"></a> [descriptions](#input\_descriptions) | List of descriptions for parameters. | `list(string)` | `[]` | no |
  34. | <a name="input_enabled"></a> [enabled](#input\_enabled) | Enable this module | `bool` | `true` | no |
  35. | <a name="input_iam_policy_create"></a> [iam\_policy\_create](#input\_iam\_policy\_create) | Create read only and read write policy to get an access to SSM paramters | `bool` | `false` | no |
  36. | <a name="input_iam_policy_name_prefix_read_only"></a> [iam\_policy\_name\_prefix\_read\_only](#input\_iam\_policy\_name\_prefix\_read\_only) | Name of the IAM read only access to SSM parameter policy | `string` | `null` | no |
  37. | <a name="input_iam_policy_name_prefix_read_write"></a> [iam\_policy\_name\_prefix\_read\_write](#input\_iam\_policy\_name\_prefix\_read\_write) | Name of the IAM read write access to SSM parameter policy | `string` | `null` | no |
  38. | <a name="input_iam_policy_path"></a> [iam\_policy\_path](#input\_iam\_policy\_path) | Path in which to create the policies. | `string` | `"/"` | no |
  39. | <a name="input_ignore_changes_on_value"></a> [ignore\_changes\_on\_value](#input\_ignore\_changes\_on\_value) | Whether or not to ignore changes made manually on the value. Applies to all specified parameters. If set to `true`, terraform will never update the value. | `bool` | `false` | no |
  40. | <a name="input_kms_key_alias_name"></a> [kms\_key\_alias\_name](#input\_kms\_key\_alias\_name) | Alias of the kms key if toggle kms\_key\_create is set | `string` | `""` | no |
  41. | <a name="input_kms_key_arn"></a> [kms\_key\_arn](#input\_kms\_key\_arn) | ARN of the kms key if toggle kms\_key\_create is disable. | `string` | `""` | no |
  42. | <a name="input_kms_key_create"></a> [kms\_key\_create](#input\_kms\_key\_create) | Create a kms key for secure string parameters. | `bool` | `false` | no |
  43. | <a name="input_kms_key_name"></a> [kms\_key\_name](#input\_kms\_key\_name) | Name of the kms key if toggle kms\_key\_create is set | `string` | `""` | no |
  44. | <a name="input_kms_tags"></a> [kms\_tags](#input\_kms\_tags) | Tags that will be merged with variable tags for the kms key | `map` | `{}` | no |
  45. | <a name="input_names"></a> [names](#input\_names) | List of names for parameters. | `list(string)` | n/a | yes |
  46. | <a name="input_overwrites"></a> [overwrites](#input\_overwrites) | Ordered list of boolean to say whether if terraform should overwrite an existing parameter not managed by terraform.( `ignore_changes_on_value` should then be used to manage the update behavior). | `list(bool)` | `[]` | no |
  47. | <a name="input_parameters_count"></a> [parameters\_count](#input\_parameters\_count) | Number of parameters. This value cannot be automaticly computed in terraform 0.12.x. | `number` | `0` | no |
  48. | <a name="input_prefix"></a> [prefix](#input\_prefix) | The prefix to be used for every SSM Parameters. The prefix must match [A-Za-z0-9/] | `string` | `""` | no |
  49. | <a name="input_tags"></a> [tags](#input\_tags) | Global tags for resources | `map` | `{}` | no |
  50. | <a name="input_types"></a> [types](#input\_types) | List of types for parameters. | `list(string)` | n/a | yes |
  51. | <a name="input_use_default_kms_key"></a> [use\_default\_kms\_key](#input\_use\_default\_kms\_key) | Use default kms\_key | `bool` | `false` | no |
  52. | <a name="input_values"></a> [values](#input\_values) | List of values for parameters. | `list(string)` | n/a | yes |
  53. ## Outputs
  54. | Name | Description |
  55. |------|-------------|
  56. | <a name="output_arns"></a> [arns](#output\_arns) | ARNs of SSM Parameters |
  57. | <a name="output_iam_policy_read_only_arn"></a> [iam\_policy\_read\_only\_arn](#output\_iam\_policy\_read\_only\_arn) | ARN of the read only policy |
  58. | <a name="output_iam_policy_read_only_description"></a> [iam\_policy\_read\_only\_description](#output\_iam\_policy\_read\_only\_description) | The description of the read only policy |
  59. | <a name="output_iam_policy_read_only_id"></a> [iam\_policy\_read\_only\_id](#output\_iam\_policy\_read\_only\_id) | ID of the read only policy |
  60. | <a name="output_iam_policy_read_only_name"></a> [iam\_policy\_read\_only\_name](#output\_iam\_policy\_read\_only\_name) | The name of the read only policy |
  61. | <a name="output_iam_policy_read_only_path"></a> [iam\_policy\_read\_only\_path](#output\_iam\_policy\_read\_only\_path) | Path of the read only policy |
  62. | <a name="output_iam_policy_read_only_policy"></a> [iam\_policy\_read\_only\_policy](#output\_iam\_policy\_read\_only\_policy) | The policy document |
  63. | <a name="output_iam_policy_read_write_arn"></a> [iam\_policy\_read\_write\_arn](#output\_iam\_policy\_read\_write\_arn) | ARN of the read write policy |
  64. | <a name="output_iam_policy_read_write_description"></a> [iam\_policy\_read\_write\_description](#output\_iam\_policy\_read\_write\_description) | The description of the read write policy |
  65. | <a name="output_iam_policy_read_write_id"></a> [iam\_policy\_read\_write\_id](#output\_iam\_policy\_read\_write\_id) | ID of the read write policy |
  66. | <a name="output_iam_policy_read_write_name"></a> [iam\_policy\_read\_write\_name](#output\_iam\_policy\_read\_write\_name) | The name of the read write policy |
  67. | <a name="output_iam_policy_read_write_path"></a> [iam\_policy\_read\_write\_path](#output\_iam\_policy\_read\_write\_path) | Path of the read write policy |
  68. | <a name="output_iam_policy_read_write_policy"></a> [iam\_policy\_read\_write\_policy](#output\_iam\_policy\_read\_write\_policy) | The policy document |
  69. | <a name="output_kms_alias_arn"></a> [kms\_alias\_arn](#output\_kms\_alias\_arn) | The Amazon Resource Name (ARN) of the key alias |
  70. | <a name="output_kms_alias_target_key_arn"></a> [kms\_alias\_target\_key\_arn](#output\_kms\_alias\_target\_key\_arn) | The Amazon Resource Name (ARN) of the target key identifier |
  71. | <a name="output_kms_key_arn"></a> [kms\_key\_arn](#output\_kms\_key\_arn) | The Amazon Resource Name (ARN) of the key |
  72. | <a name="output_kms_key_id"></a> [kms\_key\_id](#output\_kms\_key\_id) | Globally unique identifier for the key |
  73. | <a name="output_names"></a> [names](#output\_names) | Names of SSM Parameters |
  74. | <a name="output_types"></a> [types](#output\_types) | Types of SSM parameters |
  75. | <a name="output_versions"></a> [versions](#output\_versions) | Versions of SSM parameters |
  76. <!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->