awsssm

package
v2.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 9, 2022 License: Apache-2.0 Imports: 8 Imported by: 12

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CfnAssociation_CFN_RESOURCE_TYPE_NAME 

func CfnAssociation_CFN_RESOURCE_TYPE_NAME() *string

func CfnAssociation_IsCfnElement 

func CfnAssociation_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnAssociation_IsCfnResource 

func CfnAssociation_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource.

func CfnAssociation_IsConstruct 

func CfnAssociation_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func CfnDocument_CFN_RESOURCE_TYPE_NAME 

func CfnDocument_CFN_RESOURCE_TYPE_NAME() *string

func CfnDocument_IsCfnElement 

func CfnDocument_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnDocument_IsCfnResource 

func CfnDocument_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource.

func CfnDocument_IsConstruct 

func CfnDocument_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func CfnMaintenanceWindowTarget_CFN_RESOURCE_TYPE_NAME 

func CfnMaintenanceWindowTarget_CFN_RESOURCE_TYPE_NAME() *string

func CfnMaintenanceWindowTarget_IsCfnElement 

func CfnMaintenanceWindowTarget_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnMaintenanceWindowTarget_IsCfnResource 

func CfnMaintenanceWindowTarget_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource.

func CfnMaintenanceWindowTarget_IsConstruct 

func CfnMaintenanceWindowTarget_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func CfnMaintenanceWindowTask_CFN_RESOURCE_TYPE_NAME 

func CfnMaintenanceWindowTask_CFN_RESOURCE_TYPE_NAME() *string

func CfnMaintenanceWindowTask_IsCfnElement 

func CfnMaintenanceWindowTask_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnMaintenanceWindowTask_IsCfnResource 

func CfnMaintenanceWindowTask_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource.

func CfnMaintenanceWindowTask_IsConstruct 

func CfnMaintenanceWindowTask_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func CfnMaintenanceWindow_CFN_RESOURCE_TYPE_NAME 

func CfnMaintenanceWindow_CFN_RESOURCE_TYPE_NAME() *string

func CfnMaintenanceWindow_IsCfnElement 

func CfnMaintenanceWindow_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnMaintenanceWindow_IsCfnResource 

func CfnMaintenanceWindow_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource.

func CfnMaintenanceWindow_IsConstruct 

func CfnMaintenanceWindow_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func CfnParameter_CFN_RESOURCE_TYPE_NAME 

func CfnParameter_CFN_RESOURCE_TYPE_NAME() *string

func CfnParameter_IsCfnElement 

func CfnParameter_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnParameter_IsCfnResource 

func CfnParameter_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource.

func CfnParameter_IsConstruct 

func CfnParameter_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func CfnPatchBaseline_CFN_RESOURCE_TYPE_NAME 

func CfnPatchBaseline_CFN_RESOURCE_TYPE_NAME() *string

func CfnPatchBaseline_IsCfnElement 

func CfnPatchBaseline_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnPatchBaseline_IsCfnResource 

func CfnPatchBaseline_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource.

func CfnPatchBaseline_IsConstruct 

func CfnPatchBaseline_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func CfnResourceDataSync_CFN_RESOURCE_TYPE_NAME 

func CfnResourceDataSync_CFN_RESOURCE_TYPE_NAME() *string

func CfnResourceDataSync_IsCfnElement 

func CfnResourceDataSync_IsCfnElement(x interface{}) *bool

Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).

Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.

Returns: The construct as a stack element or undefined if it is not a stack element.

func CfnResourceDataSync_IsCfnResource 

func CfnResourceDataSync_IsCfnResource(construct constructs.IConstruct) *bool

Check whether the given construct is a CfnResource.

func CfnResourceDataSync_IsConstruct 

func CfnResourceDataSync_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func NewCfnAssociation_Override 

func NewCfnAssociation_Override(c CfnAssociation, scope constructs.Construct, id *string, props *CfnAssociationProps)

Create a new `AWS::SSM::Association`.

func NewCfnDocument_Override 

func NewCfnDocument_Override(c CfnDocument, scope constructs.Construct, id *string, props *CfnDocumentProps)

Create a new `AWS::SSM::Document`.

func NewCfnMaintenanceWindowTarget_Override 

func NewCfnMaintenanceWindowTarget_Override(c CfnMaintenanceWindowTarget, scope constructs.Construct, id *string, props *CfnMaintenanceWindowTargetProps)

Create a new `AWS::SSM::MaintenanceWindowTarget`.

func NewCfnMaintenanceWindowTask_Override 

func NewCfnMaintenanceWindowTask_Override(c CfnMaintenanceWindowTask, scope constructs.Construct, id *string, props *CfnMaintenanceWindowTaskProps)

Create a new `AWS::SSM::MaintenanceWindowTask`.

func NewCfnMaintenanceWindow_Override 

func NewCfnMaintenanceWindow_Override(c CfnMaintenanceWindow, scope constructs.Construct, id *string, props *CfnMaintenanceWindowProps)

Create a new `AWS::SSM::MaintenanceWindow`.

func NewCfnParameter_Override 

func NewCfnParameter_Override(c CfnParameter, scope constructs.Construct, id *string, props *CfnParameterProps)

Create a new `AWS::SSM::Parameter`.

func NewCfnPatchBaseline_Override 

func NewCfnPatchBaseline_Override(c CfnPatchBaseline, scope constructs.Construct, id *string, props *CfnPatchBaselineProps)

Create a new `AWS::SSM::PatchBaseline`.

func NewCfnResourceDataSync_Override 

func NewCfnResourceDataSync_Override(c CfnResourceDataSync, scope constructs.Construct, id *string, props *CfnResourceDataSyncProps)

Create a new `AWS::SSM::ResourceDataSync`.

func NewStringListParameter_Override 

func NewStringListParameter_Override(s StringListParameter, scope constructs.Construct, id *string, props *StringListParameterProps)

func NewStringParameter_Override 

func NewStringParameter_Override(s StringParameter, scope constructs.Construct, id *string, props *StringParameterProps)

func StringListParameter_IsConstruct 

func StringListParameter_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func StringListParameter_IsResource 

func StringListParameter_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func StringParameter_IsConstruct 

func StringParameter_IsConstruct(x interface{}) *bool

Checks if `x` is a construct.

Returns: true if `x` is an object created from a class which extends `Construct`. Deprecated: use `x instanceof Construct` instead

func StringParameter_IsResource 

func StringParameter_IsResource(construct constructs.IConstruct) *bool

Check whether the given construct is a Resource.

func StringParameter_ValueForSecureStringParameter 

func StringParameter_ValueForSecureStringParameter(scope constructs.Construct, parameterName *string, version *float64) *string

Returns a token that will resolve (during deployment).

func StringParameter_ValueForStringParameter 

func StringParameter_ValueForStringParameter(scope constructs.Construct, parameterName *string, version *float64) *string

Returns a token that will resolve (during deployment) to the string value of an SSM string parameter.

func StringParameter_ValueForTypedStringParameter 

func StringParameter_ValueForTypedStringParameter(scope constructs.Construct, parameterName *string, type_ ParameterType, version *float64) *string

Returns a token that will resolve (during deployment) to the string value of an SSM string parameter.

func StringParameter_ValueFromLookup 

func StringParameter_ValueFromLookup(scope constructs.Construct, parameterName *string) *string

Reads the value of an SSM parameter during synthesis through an environmental context provider.

Requires that the stack this scope is defined in will have explicit account/region information. Otherwise, it will fail during synthesis.

Types

type CfnAssociation 

type CfnAssociation interface {
	awscdk.CfnResource
	awscdk.IInspectable
	ApplyOnlyAtCronInterval() interface{}
	SetApplyOnlyAtCronInterval(val interface{})
	AssociationName() *string
	SetAssociationName(val *string)
	AttrAssociationId() *string
	AutomationTargetParameterName() *string
	SetAutomationTargetParameterName(val *string)
	CalendarNames() *[]*string
	SetCalendarNames(val *[]*string)
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	ComplianceSeverity() *string
	SetComplianceSeverity(val *string)
	CreationStack() *[]*string
	DocumentVersion() *string
	SetDocumentVersion(val *string)
	InstanceId() *string
	SetInstanceId(val *string)
	LogicalId() *string
	MaxConcurrency() *string
	SetMaxConcurrency(val *string)
	MaxErrors() *string
	SetMaxErrors(val *string)
	Name() *string
	SetName(val *string)
	Node() constructs.Node
	OutputLocation() interface{}
	SetOutputLocation(val interface{})
	Parameters() interface{}
	SetParameters(val interface{})
	Ref() *string
	ScheduleExpression() *string
	SetScheduleExpression(val *string)
	Stack() awscdk.Stack
	SyncCompliance() *string
	SetSyncCompliance(val *string)
	Targets() interface{}
	SetTargets(val interface{})
	UpdatedProperites() *map[string]interface{}
	WaitForSuccessTimeoutSeconds() *float64
	SetWaitForSuccessTimeoutSeconds(val *float64)
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OverrideLogicalId(newLogicalId *string)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	ToString() *string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::SSM::Association`.

The `AWS::SSM::Association` resource creates a State Manager association for your managed instances. A State Manager association defines the state that you want to maintain on your instances. For example, an association can specify that anti-virus software must be installed and running on your instances, or that certain ports must be closed. For static targets, the association specifies a schedule for when the configuration is reapplied. For dynamic targets, such as an AWS Resource Groups or an AWS Auto Scaling Group, State Manager applies the configuration when new instances are added to the group. The association also specifies actions to take when applying the configuration. For example, an association for anti-virus software might run once a day. If the software is not installed, then State Manager installs it. If the software is installed, but the service is not running, then the association might instruct State Manager to start the service.

TODO: EXAMPLE

func NewCfnAssociation 

func NewCfnAssociation(scope constructs.Construct, id *string, props *CfnAssociationProps) CfnAssociation

Create a new `AWS::SSM::Association`.

type CfnAssociationProps 

type CfnAssociationProps struct {
	// The name of the SSM document that contains the configuration information for the instance.
	//
	// You can specify `Command` or `Automation` documents. The documents can be AWS -predefined documents, documents you created, or a document that is shared with you from another account. For SSM documents that are shared with you from other AWS accounts , you must specify the complete SSM document ARN, in the following format:
	//
	// `arn:partition:ssm:region:account-id:document/document-name`
	//
	// For example: `arn:aws:ssm:us-east-2:12345678912:document/My-Shared-Document`
	//
	// For AWS -predefined documents and SSM documents you created in your account, you only need to specify the document name. For example, AWS -ApplyPatchBaseline or My-Document.
	Name *string `json:"name"`
	// By default, when you create a new association, the system runs it immediately after it is created and then according to the schedule you specified.
	//
	// Specify this option if you don't want an association to run immediately after you create it. This parameter is not supported for rate expressions.
	ApplyOnlyAtCronInterval interface{} `json:"applyOnlyAtCronInterval"`
	// Specify a descriptive name for the association.
	AssociationName *string `json:"associationName"`
	// Choose the parameter that will define how your automation will branch out.
	//
	// This target is required for associations that use an Automation runbook and target resources by using rate controls. Automation is a capability of AWS Systems Manager .
	AutomationTargetParameterName *string `json:"automationTargetParameterName"`
	// The names or Amazon Resource Names (ARNs) of the Change Calendar type documents your associations are gated under.
	//
	// The associations only run when that Change Calendar is open. For more information, see [AWS Systems Manager Change Calendar](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-change-calendar) .
	CalendarNames *[]*string `json:"calendarNames"`
	// The severity level that is assigned to the association.
	ComplianceSeverity *string `json:"complianceSeverity"`
	// The version of the SSM document to associate with the target.
	DocumentVersion *string `json:"documentVersion"`
	// The ID of the instance that the SSM document is associated with.
	//
	// You must specify the `InstanceId` or `Targets` property.
	//
	// > `InstanceId` has been deprecated. To specify an instance ID for an association, use the `Targets` parameter. If you use the parameter `InstanceId` , you cannot use the parameters `AssociationName` , `DocumentVersion` , `MaxErrors` , `MaxConcurrency` , `OutputLocation` , or `ScheduleExpression` . To use these parameters, you must use the `Targets` parameter.
	InstanceId *string `json:"instanceId"`
	// The maximum number of targets allowed to run the association at the same time.
	//
	// You can specify a number, for example 10, or a percentage of the target set, for example 10%. The default value is 100%, which means all targets run the association at the same time.
	//
	// If a new managed node starts and attempts to run an association while Systems Manager is running `MaxConcurrency` associations, the association is allowed to run. During the next association interval, the new managed node will process its association within the limit specified for `MaxConcurrency` .
	MaxConcurrency *string `json:"maxConcurrency"`
	// The number of errors that are allowed before the system stops sending requests to run the association on additional targets.
	//
	// You can specify either an absolute number of errors, for example 10, or a percentage of the target set, for example 10%. If you specify 3, for example, the system stops sending requests when the fourth error is received. If you specify 0, then the system stops sending requests after the first error is returned. If you run an association on 50 managed nodes and set `MaxError` to 10%, then the system stops sending the request when the sixth error is received.
	//
	// Executions that are already running an association when `MaxErrors` is reached are allowed to complete, but some of these executions may fail as well. If you need to ensure that there won't be more than max-errors failed executions, set `MaxConcurrency` to 1 so that executions proceed one at a time.
	MaxErrors *string `json:"maxErrors"`
	// An Amazon Simple Storage Service (Amazon S3) bucket where you want to store the output details of the request.
	OutputLocation interface{} `json:"outputLocation"`
	// The parameters for the runtime configuration of the document.
	Parameters interface{} `json:"parameters"`
	// A cron expression that specifies a schedule when the association runs.
	//
	// The schedule runs in Coordinated Universal Time (UTC).
	ScheduleExpression *string `json:"scheduleExpression"`
	// The mode for generating association compliance.
	//
	// You can specify `AUTO` or `MANUAL` . In `AUTO` mode, the system uses the status of the association execution to determine the compliance status. If the association execution runs successfully, then the association is `COMPLIANT` . If the association execution doesn't run successfully, the association is `NON-COMPLIANT` .
	//
	// In `MANUAL` mode, you must specify the `AssociationId` as a parameter for the PutComplianceItems API action. In this case, compliance data is not managed by State Manager. It is managed by your direct call to the PutComplianceItems API action.
	//
	// By default, all associations use `AUTO` mode.
	SyncCompliance *string `json:"syncCompliance"`
	// The targets for the association.
	//
	// You must specify the `InstanceId` or `Targets` property. You can target all instances in an AWS account by specifying the `InstanceIds` key with a value of `*` . To view a JSON and a YAML example that targets all instances, see "Create an association for all managed instances in an AWS account " on the Examples page.
	Targets interface{} `json:"targets"`
	// The number of seconds the service should wait for the association status to show "Success" before proceeding with the stack execution.
	//
	// If the association status doesn't show "Success" after the specified number of seconds, then stack creation fails.
	WaitForSuccessTimeoutSeconds *float64 `json:"waitForSuccessTimeoutSeconds"`
}

Properties for defining a `CfnAssociation`.

TODO: EXAMPLE

type CfnAssociation_InstanceAssociationOutputLocationProperty 

type CfnAssociation_InstanceAssociationOutputLocationProperty struct {
	// `S3OutputLocation` is a property of the [InstanceAssociationOutputLocation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-association-instanceassociationoutputlocation.html) property that specifies an Amazon S3 bucket where you want to store the results of this request.
	S3Location interface{} `json:"s3Location"`
}

`InstanceAssociationOutputLocation` is a property of the [AWS::SSM::Association](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-association.html) resource that specifies an Amazon S3 bucket where you want to store the results of this association request.

For the minimal permissions required to enable Amazon S3 output for an association, see [Creating associations](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-state-assoc.html) in the *Systems Manager User Guide* .

TODO: EXAMPLE

type CfnAssociation_S3OutputLocationProperty 

type CfnAssociation_S3OutputLocationProperty struct {
	// The name of the S3 bucket.
	OutputS3BucketName *string `json:"outputS3BucketName"`
	// The S3 bucket subfolder.
	OutputS3KeyPrefix *string `json:"outputS3KeyPrefix"`
	// The AWS Region of the S3 bucket.
	OutputS3Region *string `json:"outputS3Region"`
}

`S3OutputLocation` is a property of the [AWS::SSM::Association](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-association.html) resource that specifies an Amazon S3 bucket where you want to store the results of this association request.

TODO: EXAMPLE

type CfnAssociation_TargetProperty 

type CfnAssociation_TargetProperty struct {
	// User-defined criteria for sending commands that target managed nodes that meet the criteria.
	Key *string `json:"key"`
	// User-defined criteria that maps to `Key` .
	//
	// For example, if you specified `tag:ServerRole` , you could specify `value:WebServer` to run a command on instances that include EC2 tags of `ServerRole,WebServer` .
	//
	// Depending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.
	Values *[]*string `json:"values"`
}

`Target` is a property of the [AWS::SSM::Association](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-association.html) resource that specifies the targets for an SSM document in Systems Manager . You can target all instances in an AWS account by specifying the `InstanceIds` key with a value of `*` . To view a JSON and a YAML example that targets all instances, see "Create an association for all managed instances in an AWS account " on the Examples page.

TODO: EXAMPLE

type CfnDocument 

type CfnDocument interface {
	awscdk.CfnResource
	awscdk.IInspectable
	Attachments() interface{}
	SetAttachments(val interface{})
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	Content() interface{}
	SetContent(val interface{})
	CreationStack() *[]*string
	DocumentFormat() *string
	SetDocumentFormat(val *string)
	DocumentType() *string
	SetDocumentType(val *string)
	LogicalId() *string
	Name() *string
	SetName(val *string)
	Node() constructs.Node
	Ref() *string
	Requires() interface{}
	SetRequires(val interface{})
	Stack() awscdk.Stack
	Tags() awscdk.TagManager
	TargetType() *string
	SetTargetType(val *string)
	UpdatedProperites() *map[string]interface{}
	VersionName() *string
	SetVersionName(val *string)
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OverrideLogicalId(newLogicalId *string)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	ToString() *string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::SSM::Document`.

The `AWS::SSM::Document` resource creates a Systems Manager (SSM) document in AWS Systems Manager . This document defines the actions that Systems Manager performs on your AWS resources.

> This resource does not support CloudFormation drift detection.

TODO: EXAMPLE

func NewCfnDocument 

func NewCfnDocument(scope constructs.Construct, id *string, props *CfnDocumentProps) CfnDocument

Create a new `AWS::SSM::Document`.

type CfnDocumentProps 

type CfnDocumentProps struct {
	// The content for the new SSM document in JSON or YAML.
	//
	// > This parameter also supports `String` data types.
	Content interface{} `json:"content"`
	// A list of key-value pairs that describe attachments to a version of a document.
	Attachments interface{} `json:"attachments"`
	// Specify the document format for the request.
	//
	// The document format can be JSON or YAML. JSON is the default format.
	//
	// > `TEXT` is not supported, even though it is listed in the `Allowed values` .
	DocumentFormat *string `json:"documentFormat"`
	// The type of document to create.
	//
	// *Allowed Values* : `ApplicationConfigurationSchema` | `Automation` | `Automation.ChangeTemplate` | `Command` | `DeploymentStrategy` | `Package` | `Policy` | `Session`
	DocumentType *string `json:"documentType"`
	// A name for the SSM document.
	//
	// > You can't use the following strings as document name prefixes. These are reserved by AWS for use as document name prefixes:
	// >
	// > - `aws-`
	// > - `amazon`
	// > - `amzn`
	Name *string `json:"name"`
	// A list of SSM documents required by a document.
	//
	// This parameter is used exclusively by AWS AppConfig . When a user creates an AWS AppConfig configuration in an SSM document, the user must also specify a required document for validation purposes. In this case, an `ApplicationConfiguration` document requires an `ApplicationConfigurationSchema` document for validation purposes. For more information, see [What is AWS AppConfig ?](https://docs.aws.amazon.com/appconfig/latest/userguide/what-is-appconfig.html) in the *AWS AppConfig User Guide* .
	Requires interface{} `json:"requires"`
	// AWS CloudFormation resource tags to apply to the document.
	//
	// Use tags to help you identify and categorize resources.
	Tags *[]*awscdk.CfnTag `json:"tags"`
	// Specify a target type to define the kinds of resources the document can run on.
	//
	// For example, to run a document on EC2 instances, specify the following value: `/AWS::EC2::Instance` . If you specify a value of '/' the document can run on all types of resources. If you don't specify a value, the document can't run on any resources. For a list of valid resource types, see [AWS resource and property types reference](https://docs.aws.amazon.com//AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html) in the *AWS CloudFormation User Guide* .
	TargetType *string `json:"targetType"`
	// An optional field specifying the version of the artifact you are creating with the document.
	//
	// For example, "Release 12, Update 6". This value is unique across all versions of a document, and can't be changed.
	VersionName *string `json:"versionName"`
}

Properties for defining a `CfnDocument`.

TODO: EXAMPLE

type CfnDocument_AttachmentsSourceProperty 

type CfnDocument_AttachmentsSourceProperty struct {
	// The key of a key-value pair that identifies the location of an attachment to a document.
	Key *string `json:"key"`
	// The name of the document attachment file.
	Name *string `json:"name"`
	// The value of a key-value pair that identifies the location of an attachment to a document.
	//
	// The format for *Value* depends on the type of key you specify.
	//
	// - For the key *SourceUrl* , the value is an S3 bucket location. For example:
	//
	// `"Values": [ "s3://doc-example-bucket/my-folder" ]`
	// - For the key *S3FileUrl* , the value is a file in an S3 bucket. For example:
	//
	// `"Values": [ "s3://doc-example-bucket/my-folder/my-file.py" ]`
	// - For the key *AttachmentReference* , the value is constructed from the name of another SSM document in your account, a version number of that document, and a file attached to that document version that you want to reuse. For example:
	//
	// `"Values": [ "MyOtherDocument/3/my-other-file.py" ]`
	//
	// However, if the SSM document is shared with you from another account, the full SSM document ARN must be specified instead of the document name only. For example:
	//
	// `"Values": [ "arn:aws:ssm:us-east-2:111122223333:document/OtherAccountDocument/3/their-file.py" ]`
	Values *[]*string `json:"values"`
}

Identifying information about a document attachment, including the file name and a key-value pair that identifies the location of an attachment to a document.

TODO: EXAMPLE

type CfnDocument_DocumentRequiresProperty 

type CfnDocument_DocumentRequiresProperty struct {
	// The name of the required SSM document.
	//
	// The name can be an Amazon Resource Name (ARN).
	Name *string `json:"name"`
	// The document version required by the current document.
	Version *string `json:"version"`
}

An SSM document required by the current document.

TODO: EXAMPLE

type CfnMaintenanceWindow 

type CfnMaintenanceWindow interface {
	awscdk.CfnResource
	awscdk.IInspectable
	AllowUnassociatedTargets() interface{}
	SetAllowUnassociatedTargets(val interface{})
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	Cutoff() *float64
	SetCutoff(val *float64)
	Description() *string
	SetDescription(val *string)
	Duration() *float64
	SetDuration(val *float64)
	EndDate() *string
	SetEndDate(val *string)
	LogicalId() *string
	Name() *string
	SetName(val *string)
	Node() constructs.Node
	Ref() *string
	Schedule() *string
	SetSchedule(val *string)
	ScheduleOffset() *float64
	SetScheduleOffset(val *float64)
	ScheduleTimezone() *string
	SetScheduleTimezone(val *string)
	Stack() awscdk.Stack
	StartDate() *string
	SetStartDate(val *string)
	Tags() awscdk.TagManager
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OverrideLogicalId(newLogicalId *string)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	ToString() *string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::SSM::MaintenanceWindow`.

The `AWS::SSM::MaintenanceWindow` resource represents general information about a maintenance window for AWS Systems Manager . Maintenance Windows let you define a schedule for when to perform potentially disruptive actions on your instances, such as patching an operating system (OS), updating drivers, or installing software. Each maintenance window has a schedule, a duration, a set of registered targets, and a set of registered tasks.

For more information, see [Systems Manager Maintenance Windows](https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-maintenance.html) in the *AWS Systems Manager User Guide* and [CreateMaintenanceWindow](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateMaintenanceWindow.html) in the *AWS Systems Manager API Reference* .

TODO: EXAMPLE

func NewCfnMaintenanceWindow 

func NewCfnMaintenanceWindow(scope constructs.Construct, id *string, props *CfnMaintenanceWindowProps) CfnMaintenanceWindow

Create a new `AWS::SSM::MaintenanceWindow`.

type CfnMaintenanceWindowProps 

type CfnMaintenanceWindowProps struct {
	// Enables a maintenance window task to run on managed instances, even if you have not registered those instances as targets.
	//
	// If enabled, then you must specify the unregistered instances (by instance ID) when you register a task with the maintenance window.
	AllowUnassociatedTargets interface{} `json:"allowUnassociatedTargets"`
	// The number of hours before the end of the maintenance window that AWS Systems Manager stops scheduling new tasks for execution.
	Cutoff *float64 `json:"cutoff"`
	// The duration of the maintenance window in hours.
	Duration *float64 `json:"duration"`
	// The name of the maintenance window.
	Name *string `json:"name"`
	// The schedule of the maintenance window in the form of a cron or rate expression.
	Schedule *string `json:"schedule"`
	// A description of the maintenance window.
	Description *string `json:"description"`
	// The date and time, in ISO-8601 Extended format, for when the maintenance window is scheduled to become inactive.
	EndDate *string `json:"endDate"`
	// The number of days to wait to run a maintenance window after the scheduled cron expression date and time.
	ScheduleOffset *float64 `json:"scheduleOffset"`
	// The time zone that the scheduled maintenance window executions are based on, in Internet Assigned Numbers Authority (IANA) format.
	ScheduleTimezone *string `json:"scheduleTimezone"`
	// The date and time, in ISO-8601 Extended format, for when the maintenance window is scheduled to become active.
	//
	// StartDate allows you to delay activation of the Maintenance Window until the specified future date.
	StartDate *string `json:"startDate"`
	// Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs).
	//
	// Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a maintenance window to identify the type of tasks it will run, the types of targets, and the environment it will run in.
	Tags *[]*awscdk.CfnTag `json:"tags"`
}

Properties for defining a `CfnMaintenanceWindow`.

TODO: EXAMPLE

type CfnMaintenanceWindowTarget 

type CfnMaintenanceWindowTarget interface {
	awscdk.CfnResource
	awscdk.IInspectable
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	Description() *string
	SetDescription(val *string)
	LogicalId() *string
	Name() *string
	SetName(val *string)
	Node() constructs.Node
	OwnerInformation() *string
	SetOwnerInformation(val *string)
	Ref() *string
	ResourceType() *string
	SetResourceType(val *string)
	Stack() awscdk.Stack
	Targets() interface{}
	SetTargets(val interface{})
	UpdatedProperites() *map[string]interface{}
	WindowId() *string
	SetWindowId(val *string)
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OverrideLogicalId(newLogicalId *string)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	ToString() *string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::SSM::MaintenanceWindowTarget`.

The `AWS::SSM::MaintenanceWindowTarget` resource registers a target with a maintenance window for AWS Systems Manager . For more information, see [RegisterTargetWithMaintenanceWindow](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_RegisterTargetWithMaintenanceWindow.html) in the *AWS Systems Manager API Reference* .

TODO: EXAMPLE

func NewCfnMaintenanceWindowTarget 

func NewCfnMaintenanceWindowTarget(scope constructs.Construct, id *string, props *CfnMaintenanceWindowTargetProps) CfnMaintenanceWindowTarget

Create a new `AWS::SSM::MaintenanceWindowTarget`.

type CfnMaintenanceWindowTargetProps 

type CfnMaintenanceWindowTargetProps struct {
	// The type of target that is being registered with the maintenance window.
	ResourceType *string `json:"resourceType"`
	// The targets to register with the maintenance window.
	//
	// In other words, the instances to run commands on when the maintenance window runs.
	//
	// You must specify targets by using the `WindowTargetIds` parameter.
	Targets interface{} `json:"targets"`
	// The ID of the maintenance window to register the target with.
	WindowId *string `json:"windowId"`
	// A description for the target.
	Description *string `json:"description"`
	// The name for the maintenance window target.
	Name *string `json:"name"`
	// A user-provided value that will be included in any Amazon CloudWatch Events events that are raised while running tasks for these targets in this maintenance window.
	OwnerInformation *string `json:"ownerInformation"`
}

Properties for defining a `CfnMaintenanceWindowTarget`.

TODO: EXAMPLE

type CfnMaintenanceWindowTarget_TargetsProperty 

type CfnMaintenanceWindowTarget_TargetsProperty struct {
	// User-defined criteria for sending commands that target managed nodes that meet the criteria.
	Key *string `json:"key"`
	// User-defined criteria that maps to `Key` .
	//
	// For example, if you specified `tag:ServerRole` , you could specify `value:WebServer` to run a command on instances that include EC2 tags of `ServerRole,WebServer` .
	//
	// Depending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.
	Values *[]*string `json:"values"`
}

The `Targets` property type specifies adding a target to a maintenance window target in AWS Systems Manager .

`Targets` is a property of the [AWS::SSM::MaintenanceWindowTarget](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-maintenancewindowtarget.html) resource.

TODO: EXAMPLE

type CfnMaintenanceWindowTask 

type CfnMaintenanceWindowTask interface {
	awscdk.CfnResource
	awscdk.IInspectable
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	CutoffBehavior() *string
	SetCutoffBehavior(val *string)
	Description() *string
	SetDescription(val *string)
	LoggingInfo() interface{}
	SetLoggingInfo(val interface{})
	LogicalId() *string
	MaxConcurrency() *string
	SetMaxConcurrency(val *string)
	MaxErrors() *string
	SetMaxErrors(val *string)
	Name() *string
	SetName(val *string)
	Node() constructs.Node
	Priority() *float64
	SetPriority(val *float64)
	Ref() *string
	ServiceRoleArn() *string
	SetServiceRoleArn(val *string)
	Stack() awscdk.Stack
	Targets() interface{}
	SetTargets(val interface{})
	TaskArn() *string
	SetTaskArn(val *string)
	TaskInvocationParameters() interface{}
	SetTaskInvocationParameters(val interface{})
	TaskParameters() interface{}
	SetTaskParameters(val interface{})
	TaskType() *string
	SetTaskType(val *string)
	UpdatedProperites() *map[string]interface{}
	WindowId() *string
	SetWindowId(val *string)
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OverrideLogicalId(newLogicalId *string)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	ToString() *string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::SSM::MaintenanceWindowTask`.

The `AWS::SSM::MaintenanceWindowTask` resource defines information about a task for an AWS Systems Manager maintenance window. For more information, see [RegisterTaskWithMaintenanceWindow](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_RegisterTaskWithMaintenanceWindow.html) in the *AWS Systems Manager API Reference* .

TODO: EXAMPLE

func NewCfnMaintenanceWindowTask 

func NewCfnMaintenanceWindowTask(scope constructs.Construct, id *string, props *CfnMaintenanceWindowTaskProps) CfnMaintenanceWindowTask

Create a new `AWS::SSM::MaintenanceWindowTask`.

type CfnMaintenanceWindowTaskProps 

type CfnMaintenanceWindowTaskProps struct {
	// The priority of the task in the maintenance window.
	//
	// The lower the number, the higher the priority. Tasks that have the same priority are scheduled in parallel.
	Priority *float64 `json:"priority"`
	// The resource that the task uses during execution.
	//
	// For `RUN_COMMAND` and `AUTOMATION` task types, `TaskArn` is the SSM document name or Amazon Resource Name (ARN).
	//
	// For `LAMBDA` tasks, `TaskArn` is the function name or ARN.
	//
	// For `STEP_FUNCTIONS` tasks, `TaskArn` is the state machine ARN.
	TaskArn *string `json:"taskArn"`
	// The type of task.
	//
	// Valid values: `RUN_COMMAND` , `AUTOMATION` , `LAMBDA` , `STEP_FUNCTIONS` .
	TaskType *string `json:"taskType"`
	// The ID of the maintenance window where the task is registered.
	WindowId *string `json:"windowId"`
	// The specification for whether tasks should continue to run after the cutoff time specified in the maintenance windows is reached.
	CutoffBehavior *string `json:"cutoffBehavior"`
	// A description of the task.
	Description *string `json:"description"`
	// Information about an Amazon S3 bucket to write task-level logs to.
	//
	// > `LoggingInfo` has been deprecated. To specify an Amazon S3 bucket to contain logs, instead use the `OutputS3BucketName` and `OutputS3KeyPrefix` options in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [AWS Systems Manager MaintenanceWindowTask TaskInvocationParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-taskinvocationparameters.html) .
	LoggingInfo interface{} `json:"loggingInfo"`
	// The maximum number of targets this task can be run for, in parallel.
	//
	// > Although this element is listed as "Required: No", a value can be omitted only when you are registering or updating a [targetless task](https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) You must provide a value in all other cases.
	// >
	// > For maintenance window tasks without a target specified, you can't supply a value for this option. Instead, the system inserts a placeholder value of `1` . This value doesn't affect the running of your task.
	MaxConcurrency *string `json:"maxConcurrency"`
	// The maximum number of errors allowed before this task stops being scheduled.
	//
	// > Although this element is listed as "Required: No", a value can be omitted only when you are registering or updating a [targetless task](https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html) You must provide a value in all other cases.
	// >
	// > For maintenance window tasks without a target specified, you can't supply a value for this option. Instead, the system inserts a placeholder value of `1` . This value doesn't affect the running of your task.
	MaxErrors *string `json:"maxErrors"`
	// The task name.
	Name *string `json:"name"`
	// The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) service role to use to publish Amazon Simple Notification Service (Amazon SNS) notifications for maintenance window Run Command tasks.
	ServiceRoleArn *string `json:"serviceRoleArn"`
	// The targets, either instances or window target IDs.
	//
	// - Specify instances using `Key=InstanceIds,Values= *instanceid1* , *instanceid2*` .
	// - Specify window target IDs using `Key=WindowTargetIds,Values= *window-target-id-1* , *window-target-id-2*` .
	Targets interface{} `json:"targets"`
	// The parameters to pass to the task when it runs.
	//
	// Populate only the fields that match the task type. All other fields should be empty.
	//
	// > When you update a maintenance window task that has options specified in `TaskInvocationParameters` , you must provide again all the `TaskInvocationParameters` values that you want to retain. The values you do not specify again are removed. For example, suppose that when you registered a Run Command task, you specified `TaskInvocationParameters` values for `Comment` , `NotificationConfig` , and `OutputS3BucketName` . If you update the maintenance window task and specify only a different `OutputS3BucketName` value, the values for `Comment` and `NotificationConfig` are removed.
	TaskInvocationParameters interface{} `json:"taskInvocationParameters"`
	// The parameters to pass to the task when it runs.
	//
	// > `TaskParameters` has been deprecated. To specify parameters to pass to a task when it runs, instead use the `Parameters` option in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [MaintenanceWindowTaskInvocationParameters](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_MaintenanceWindowTaskInvocationParameters.html) .
	TaskParameters interface{} `json:"taskParameters"`
}

Properties for defining a `CfnMaintenanceWindowTask`.

TODO: EXAMPLE

type CfnMaintenanceWindowTask_LoggingInfoProperty 

type CfnMaintenanceWindowTask_LoggingInfoProperty struct {
	// The AWS Region where the S3 bucket is located.
	Region *string `json:"region"`
	// The name of an S3 bucket where execution logs are stored .
	S3Bucket *string `json:"s3Bucket"`
	// The Amazon S3 bucket subfolder.
	S3Prefix *string `json:"s3Prefix"`
}

The `LoggingInfo` property type specifies information about the Amazon S3 bucket to write instance-level logs to.

`LoggingInfo` is a property of the [AWS::SSM::MaintenanceWindowTask](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-maintenancewindowtask.html) resource.

> `LoggingInfo` has been deprecated. To specify an Amazon S3 bucket to contain logs, instead use the `OutputS3BucketName` and `OutputS3KeyPrefix` options in the `TaskInvocationParameters` structure. For information about how Systems Manager handles these options for the supported maintenance window task types, see [AWS Systems Manager MaintenanceWindowTask TaskInvocationParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-taskinvocationparameters.html) .

TODO: EXAMPLE

type CfnMaintenanceWindowTask_MaintenanceWindowAutomationParametersProperty 

type CfnMaintenanceWindowTask_MaintenanceWindowAutomationParametersProperty struct {
	// The version of an Automation runbook to use during task execution.
	DocumentVersion *string `json:"documentVersion"`
	// The parameters for the AUTOMATION task.
	Parameters interface{} `json:"parameters"`
}

The `MaintenanceWindowAutomationParameters` property type specifies the parameters for an `AUTOMATION` task type for a maintenance window task in AWS Systems Manager .

`MaintenanceWindowAutomationParameters` is a property of the [TaskInvocationParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-taskinvocationparameters.html) property type.

For information about available parameters in Automation runbooks, you can view the content of the runbook itself in the Systems Manager console. For information, see [View runbook content](https://docs.aws.amazon.com/systems-manager/latest/userguide/automation-documents-reference-details.html#view-automation-json) in the *AWS Systems Manager User Guide* .

TODO: EXAMPLE

type CfnMaintenanceWindowTask_MaintenanceWindowLambdaParametersProperty 

type CfnMaintenanceWindowTask_MaintenanceWindowLambdaParametersProperty struct {
	// Client-specific information to pass to the AWS Lambda function that you're invoking.
	//
	// You can then use the `context` variable to process the client information in your AWS Lambda function.
	ClientContext *string `json:"clientContext"`
	// JSON to provide to your AWS Lambda function as input.
	//
	// > Although `Type` is listed as "String" for this property, the payload content must be formatted as a Base64-encoded binary data object.
	//
	// *Length Constraint:* 4096
	Payload *string `json:"payload"`
	// An AWS Lambda function version or alias name.
	//
	// If you specify a function version, the action uses the qualified function Amazon Resource Name (ARN) to invoke a specific Lambda function. If you specify an alias name, the action uses the alias ARN to invoke the Lambda function version that the alias points to.
	Qualifier *string `json:"qualifier"`
}

The `MaintenanceWindowLambdaParameters` property type specifies the parameters for a `LAMBDA` task type for a maintenance window task in AWS Systems Manager .

`MaintenanceWindowLambdaParameters` is a property of the [TaskInvocationParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-taskinvocationparameters.html) property type.

TODO: EXAMPLE

type CfnMaintenanceWindowTask_MaintenanceWindowRunCommandParametersProperty 

type CfnMaintenanceWindowTask_MaintenanceWindowRunCommandParametersProperty struct {
	// Information about the command or commands to run.
	Comment *string `json:"comment"`
	// The SHA-256 or SHA-1 hash created by the system when the document was created.
	//
	// SHA-1 hashes have been deprecated.
	DocumentHash *string `json:"documentHash"`
	// The SHA-256 or SHA-1 hash type.
	//
	// SHA-1 hashes are deprecated.
	DocumentHashType *string `json:"documentHashType"`
	// Configurations for sending notifications about command status changes on a per-managed node basis.
	NotificationConfig interface{} `json:"notificationConfig"`
	// The name of the Amazon Simple Storage Service (Amazon S3) bucket.
	OutputS3BucketName *string `json:"outputS3BucketName"`
	// The S3 bucket subfolder.
	OutputS3KeyPrefix *string `json:"outputS3KeyPrefix"`
	// The parameters for the `RUN_COMMAND` task execution.
	//
	// The supported parameters are the same as those for the `SendCommand` API call. For more information, see [SendCommand](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_SendCommand.html) in the *AWS Systems Manager API Reference* .
	Parameters interface{} `json:"parameters"`
	// The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) service role to use to publish Amazon Simple Notification Service (Amazon SNS) notifications for maintenance window Run Command tasks.
	ServiceRoleArn *string `json:"serviceRoleArn"`
	// If this time is reached and the command hasn't already started running, it doesn't run.
	TimeoutSeconds *float64 `json:"timeoutSeconds"`
}

The `MaintenanceWindowRunCommandParameters` property type specifies the parameters for a `RUN_COMMAND` task type for a maintenance window task in AWS Systems Manager .

This means that these parameters are the same as those for the `SendCommand` API call. For more information about `SendCommand` parameters, see [SendCommand](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_SendCommand.html) in the *AWS Systems Manager API Reference* .

For information about available parameters in SSM Command documents, you can view the content of the document itself in the Systems Manager console. For information, see [Viewing SSM command document content](https://docs.aws.amazon.com/systems-manager/latest/userguide/viewing-ssm-document-content.html) in the *AWS Systems Manager User Guide* .

`MaintenanceWindowRunCommandParameters` is a property of the [TaskInvocationParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-taskinvocationparameters.html) property type.

TODO: EXAMPLE

type CfnMaintenanceWindowTask_MaintenanceWindowStepFunctionsParametersProperty 

type CfnMaintenanceWindowTask_MaintenanceWindowStepFunctionsParametersProperty struct {
	// The inputs for the `STEP_FUNCTIONS` task.
	Input *string `json:"input"`
	// The name of the `STEP_FUNCTIONS` task.
	Name *string `json:"name"`
}

The `MaintenanceWindowStepFunctionsParameters` property type specifies the parameters for the execution of a `STEP_FUNCTIONS` task in a Systems Manager maintenance window.

`MaintenanceWindowStepFunctionsParameters` is a property of the [TaskInvocationParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-taskinvocationparameters.html) property type.

TODO: EXAMPLE

type CfnMaintenanceWindowTask_NotificationConfigProperty 

type CfnMaintenanceWindowTask_NotificationConfigProperty struct {
	// An Amazon Resource Name (ARN) for an Amazon Simple Notification Service (Amazon SNS) topic.
	//
	// Run Command pushes notifications about command status changes to this topic.
	NotificationArn *string `json:"notificationArn"`
	// The different events that you can receive notifications for.
	//
	// These events include the following: `All` (events), `InProgress` , `Success` , `TimedOut` , `Cancelled` , `Failed` . To learn more about these events, see [Configuring Amazon SNS Notifications for AWS Systems Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/monitoring-sns-notifications.html) in the *AWS Systems Manager User Guide* .
	NotificationEvents *[]*string `json:"notificationEvents"`
	// The notification type.
	//
	// - `Command` : Receive notification when the status of a command changes.
	// - `Invocation` : For commands sent to multiple instances, receive notification on a per-instance basis when the status of a command changes.
	NotificationType *string `json:"notificationType"`
}

The `NotificationConfig` property type specifies configurations for sending notifications for a maintenance window task in AWS Systems Manager .

`NotificationConfig` is a property of the [MaintenanceWindowRunCommandParameters](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-maintenancewindowtask-maintenancewindowruncommandparameters.html) property type.

TODO: EXAMPLE

type CfnMaintenanceWindowTask_TargetProperty 

type CfnMaintenanceWindowTask_TargetProperty struct {
	// User-defined criteria for sending commands that target instances that meet the criteria.
	//
	// `Key` can be `InstanceIds` or `WindowTargetIds` . For more information about how to target instances within a maintenance window task, see [About 'register-task-with-maintenance-window' Options and Values](https://docs.aws.amazon.com/systems-manager/latest/userguide/register-tasks-options.html) in the *AWS Systems Manager User Guide* .
	Key *string `json:"key"`
	// User-defined criteria that maps to `Key` .
	//
	// For example, if you specify `InstanceIds` , you can specify `i-1234567890abcdef0,i-9876543210abcdef0` to run a command on two EC2 instances. For more information about how to target instances within a maintenance window task, see [About 'register-task-with-maintenance-window' Options and Values](https://docs.aws.amazon.com/systems-manager/latest/userguide/register-tasks-options.html) in the *AWS Systems Manager User Guide* .
	Values *[]*string `json:"values"`
}

The `Target` property type specifies targets (either instances or window target IDs).

You specify instances by using `Key=InstanceIds,Values=< *instanceid1* >,< *instanceid2* >` . You specify window target IDs using `Key=WindowTargetIds,Values=< *window-target-id-1* >,< *window-target-id-2* >` for a maintenance window task in AWS Systems Manager .

`Target` is a property of the [AWS::SSM::MaintenanceWindowTask](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-maintenancewindowtask.html) property type.

> To use `resource-groups:Name` as the key for a maintenance window target, specify the resource group as a `AWS::SSM::MaintenanceWindowTarget` type, and use the `Ref` function to specify the target for `AWS::SSM::MaintenanceWindowTask` . For an example, see *Create a Run Command task that targets instances using a resource group name* in [AWS::SSM::MaintenanceWindowTask Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-maintenancewindowtask.html#aws-resource-ssm-maintenancewindowtask--examples) .

TODO: EXAMPLE

type CfnMaintenanceWindowTask_TaskInvocationParametersProperty 

type CfnMaintenanceWindowTask_TaskInvocationParametersProperty struct {
	// The parameters for an `AUTOMATION` task type.
	MaintenanceWindowAutomationParameters interface{} `json:"maintenanceWindowAutomationParameters"`
	// The parameters for a `LAMBDA` task type.
	MaintenanceWindowLambdaParameters interface{} `json:"maintenanceWindowLambdaParameters"`
	// The parameters for a `RUN_COMMAND` task type.
	MaintenanceWindowRunCommandParameters interface{} `json:"maintenanceWindowRunCommandParameters"`
	// The parameters for a `STEP_FUNCTIONS` task type.
	MaintenanceWindowStepFunctionsParameters interface{} `json:"maintenanceWindowStepFunctionsParameters"`
}

The `TaskInvocationParameters` property type specifies the task execution parameters for a maintenance window task in AWS Systems Manager .

`TaskInvocationParameters` is a property of the [AWS::SSM::MaintenanceWindowTask](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-maintenancewindowtask.html) property type.

TODO: EXAMPLE

type CfnParameter 

type CfnParameter interface {
	awscdk.CfnResource
	awscdk.IInspectable
	AllowedPattern() *string
	SetAllowedPattern(val *string)
	AttrType() *string
	AttrValue() *string
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	DataType() *string
	SetDataType(val *string)
	Description() *string
	SetDescription(val *string)
	LogicalId() *string
	Name() *string
	SetName(val *string)
	Node() constructs.Node
	Policies() *string
	SetPolicies(val *string)
	Ref() *string
	Stack() awscdk.Stack
	Tags() awscdk.TagManager
	Tier() *string
	SetTier(val *string)
	Type() *string
	SetType(val *string)
	UpdatedProperites() *map[string]interface{}
	Value() *string
	SetValue(val *string)
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OverrideLogicalId(newLogicalId *string)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	ToString() *string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::SSM::Parameter`.

The `AWS::SSM::Parameter` resource creates an SSM parameter in AWS Systems Manager Parameter Store.

> To create an SSM parameter, you must have the AWS Identity and Access Management ( IAM ) permissions `ssm:PutParameter` and `ssm:AddTagsToResource` . On stack creation, AWS CloudFormation adds the following three tags to the parameter: `aws:cloudformation:stack-name` , `aws:cloudformation:logical-id` , and `aws:cloudformation:stack-id` , in addition to any custom tags you specify. > > To add, update, or remove tags during stack update, you must have IAM permissions for both `ssm:AddTagsToResource` and `ssm:RemoveTagsFromResource` . For more information, see [Managing Access Using Policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/security-iam.html#security_iam_access-manage) in the *AWS Systems Manager User Guide* .

For information about valid values for parameters, see [Requirements and Constraints for Parameter Names](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-su-create.html#sysman-parameter-name-constraints) in the *AWS Systems Manager User Guide* and [PutParameter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PutParameter.html) in the *AWS Systems Manager API Reference* .

TODO: EXAMPLE

func NewCfnParameter 

func NewCfnParameter(scope constructs.Construct, id *string, props *CfnParameterProps) CfnParameter

Create a new `AWS::SSM::Parameter`.

type CfnParameterProps 

type CfnParameterProps struct {
	// The type of parameter.
	//
	// > AWS CloudFormation doesn't support creating a `SecureString` parameter type.
	//
	// *Allowed Values* : String | StringList
	Type *string `json:"type"`
	// The parameter value.
	Value *string `json:"value"`
	// A regular expression used to validate the parameter value.
	//
	// For example, for String types with values restricted to numbers, you can specify the following: `AllowedPattern=^\d+$`
	AllowedPattern *string `json:"allowedPattern"`
	// The data type of the parameter, such as `text` or `aws:ec2:image` .
	//
	// The default is `text` .
	DataType *string `json:"dataType"`
	// Information about the parameter.
	Description *string `json:"description"`
	// The name of the parameter.
	Name *string `json:"name"`
	// Information about the policies assigned to a parameter.
	//
	// [Assigning parameter policies](https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-policies.html) in the *AWS Systems Manager User Guide* .
	Policies *string `json:"policies"`
	// Optional metadata that you assign to a resource in the form of an arbitrary set of tags (key-value pairs).
	//
	// Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a Systems Manager parameter to identify the type of resource to which it applies, the environment, or the type of configuration data referenced by the parameter.
	Tags interface{} `json:"tags"`
	// The parameter tier.
	Tier *string `json:"tier"`
}

Properties for defining a `CfnParameter`.

TODO: EXAMPLE

type CfnPatchBaseline 

type CfnPatchBaseline interface {
	awscdk.CfnResource
	awscdk.IInspectable
	ApprovalRules() interface{}
	SetApprovalRules(val interface{})
	ApprovedPatches() *[]*string
	SetApprovedPatches(val *[]*string)
	ApprovedPatchesComplianceLevel() *string
	SetApprovedPatchesComplianceLevel(val *string)
	ApprovedPatchesEnableNonSecurity() interface{}
	SetApprovedPatchesEnableNonSecurity(val interface{})
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	Description() *string
	SetDescription(val *string)
	GlobalFilters() interface{}
	SetGlobalFilters(val interface{})
	LogicalId() *string
	Name() *string
	SetName(val *string)
	Node() constructs.Node
	OperatingSystem() *string
	SetOperatingSystem(val *string)
	PatchGroups() *[]*string
	SetPatchGroups(val *[]*string)
	Ref() *string
	RejectedPatches() *[]*string
	SetRejectedPatches(val *[]*string)
	RejectedPatchesAction() *string
	SetRejectedPatchesAction(val *string)
	Sources() interface{}
	SetSources(val interface{})
	Stack() awscdk.Stack
	Tags() awscdk.TagManager
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OverrideLogicalId(newLogicalId *string)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	ToString() *string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::SSM::PatchBaseline`.

The `AWS::SSM::PatchBaseline` resource defines the basic information for an AWS Systems Manager patch baseline. A patch baseline defines which patches are approved for installation on your instances.

For more information, see [CreatePatchBaseline](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreatePatchBaseline.html) in the *AWS Systems Manager API Reference* .

TODO: EXAMPLE

func NewCfnPatchBaseline 

func NewCfnPatchBaseline(scope constructs.Construct, id *string, props *CfnPatchBaselineProps) CfnPatchBaseline

Create a new `AWS::SSM::PatchBaseline`.

type CfnPatchBaselineProps 

type CfnPatchBaselineProps struct {
	// The name of the patch baseline.
	Name *string `json:"name"`
	// A set of rules used to include patches in the baseline.
	ApprovalRules interface{} `json:"approvalRules"`
	// A list of explicitly approved patches for the baseline.
	//
	// For information about accepted formats for lists of approved patches and rejected patches, see [About package name formats for approved and rejected patch lists](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-approved-rejected-package-name-formats.html) in the *AWS Systems Manager User Guide* .
	ApprovedPatches *[]*string `json:"approvedPatches"`
	// Defines the compliance level for approved patches.
	//
	// When an approved patch is reported as missing, this value describes the severity of the compliance violation. The default value is `UNSPECIFIED` .
	ApprovedPatchesComplianceLevel *string `json:"approvedPatchesComplianceLevel"`
	// Indicates whether the list of approved patches includes non-security updates that should be applied to the managed nodes.
	//
	// The default value is `false` . Applies to Linux managed nodes only.
	ApprovedPatchesEnableNonSecurity interface{} `json:"approvedPatchesEnableNonSecurity"`
	// A description of the patch baseline.
	Description *string `json:"description"`
	// A set of global filters used to include patches in the baseline.
	GlobalFilters interface{} `json:"globalFilters"`
	// Defines the operating system the patch baseline applies to.
	//
	// The default value is `WINDOWS` .
	OperatingSystem *string `json:"operatingSystem"`
	// The name of the patch group to be registered with the patch baseline.
	PatchGroups *[]*string `json:"patchGroups"`
	// A list of explicitly rejected patches for the baseline.
	//
	// For information about accepted formats for lists of approved patches and rejected patches, see [About package name formats for approved and rejected patch lists](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-approved-rejected-package-name-formats.html) in the *AWS Systems Manager User Guide* .
	RejectedPatches *[]*string `json:"rejectedPatches"`
	// The action for Patch Manager to take on patches included in the `RejectedPackages` list.
	//
	// - *`ALLOW_AS_DEPENDENCY`* : A package in the `Rejected` patches list is installed only if it is a dependency of another package. It is considered compliant with the patch baseline, and its status is reported as `InstalledOther` . This is the default action if no option is specified.
	// - *`BLOCK`* : Packages in the `RejectedPatches` list, and packages that include them as dependencies, aren't installed under any circumstances. If a package was installed before it was added to the Rejected patches list, it is considered non-compliant with the patch baseline, and its status is reported as `InstalledRejected` .
	RejectedPatchesAction *string `json:"rejectedPatchesAction"`
	// Information about the patches to use to update the managed nodes, including target operating systems and source repositories.
	//
	// Applies to Linux managed nodes only.
	Sources interface{} `json:"sources"`
	// Optional metadata that you assign to a resource.
	//
	// Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a patch baseline to identify the severity level of patches it specifies and the operating system family it applies to.
	Tags *[]*awscdk.CfnTag `json:"tags"`
}

Properties for defining a `CfnPatchBaseline`.

TODO: EXAMPLE

type CfnPatchBaseline_PatchFilterGroupProperty 

type CfnPatchBaseline_PatchFilterGroupProperty struct {
	// The set of patch filters that make up the group.
	PatchFilters interface{} `json:"patchFilters"`
}

The `PatchFilterGroup` property type specifies a set of patch filters for an AWS Systems Manager patch baseline, typically used for approval rules for a Systems Manager patch baseline.

`PatchFilterGroup` is the property type for the `GlobalFilters` property of the [AWS::SSM::PatchBaseline](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-patchbaseline.html) resource and the `PatchFilterGroup` property of the [Rule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-patchbaseline-rule.html) property type.

TODO: EXAMPLE

type CfnPatchBaseline_PatchFilterProperty 

type CfnPatchBaseline_PatchFilterProperty struct {
	// The key for the filter.
	//
	// For information about valid keys, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .
	Key *string `json:"key"`
	// The value for the filter key.
	//
	// For information about valid values for each key based on operating system type, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .
	Values *[]*string `json:"values"`
}

The `PatchFilter` property type defines a patch filter for an AWS Systems Manager patch baseline.

The `PatchFilters` property of the [PatchFilterGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-patchbaseline-patchfiltergroup.html) property type contains a list of `PatchFilter` property types.

You can view lists of valid values for the patch properties by running the `DescribePatchProperties` command. For more information, see [DescribePatchProperties](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribePatchProperties.html) in the *AWS Systems Manager API Reference* .

TODO: EXAMPLE

type CfnPatchBaseline_PatchSourceProperty 

type CfnPatchBaseline_PatchSourceProperty struct {
	// The value of the yum repo configuration. For example:.
	//
	// `[main]`
	//
	// `name=MyCustomRepository`
	//
	// `baseurl=https://my-custom-repository`
	//
	// `enabled=1`
	//
	// > For information about other options available for your yum repository configuration, see [dnf.conf(5)](https://docs.aws.amazon.com/https://man7.org/linux/man-pages/man5/dnf.conf.5.html) .
	Configuration *string `json:"configuration"`
	// The name specified to identify the patch source.
	Name *string `json:"name"`
	// The specific operating system versions a patch repository applies to, such as "Ubuntu16.04", "AmazonLinux2016.09", "RedhatEnterpriseLinux7.2" or "Suse12.7". For lists of supported product values, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* .
	Products *[]*string `json:"products"`
}

`PatchSource` is the property type for the `Sources` resource of the [AWS::SSM::PatchBaseline](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-patchbaseline.html) resource.

The AWS CloudFormation `AWS::SSM::PatchSource` resource is used to provide information about the patches to use to update target instances, including target operating systems and source repository. Applies to Linux instances only.

TODO: EXAMPLE

type CfnPatchBaseline_RuleGroupProperty 

type CfnPatchBaseline_RuleGroupProperty struct {
	// The rules that make up the rule group.
	PatchRules interface{} `json:"patchRules"`
}

The `RuleGroup` property type specifies a set of rules that define the approval rules for an AWS Systems Manager patch baseline.

`RuleGroup` is the property type for the `ApprovalRules` property of the [AWS::SSM::PatchBaseline](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-patchbaseline.html) resource.

TODO: EXAMPLE

type CfnPatchBaseline_RuleProperty 

type CfnPatchBaseline_RuleProperty struct {
	// The number of days after the release date of each patch matched by the rule that the patch is marked as approved in the patch baseline.
	//
	// For example, a value of `7` means that patches are approved seven days after they are released.
	//
	// You must specify a value for `ApproveAfterDays` .
	//
	// Exception: Not supported on Debian Server or Ubuntu Server.
	ApproveAfterDays *float64 `json:"approveAfterDays"`
	// The cutoff date for auto approval of released patches.
	//
	// Any patches released on or before this date are installed automatically. Not supported on Debian Server or Ubuntu Server.
	//
	// Enter dates in the format `YYYY-MM-DD` . For example, `2021-12-31` .
	ApproveUntilDate *string `json:"approveUntilDate"`
	// A compliance severity level for all approved patches in a patch baseline.
	//
	// Valid compliance severity levels include the following: `UNSPECIFIED` , `CRITICAL` , `HIGH` , `MEDIUM` , `LOW` , and `INFORMATIONAL` .
	ComplianceLevel *string `json:"complianceLevel"`
	// For managed nodes identified by the approval rule filters, enables a patch baseline to apply non-security updates available in the specified repository.
	//
	// The default value is `false` . Applies to Linux managed nodes only.
	EnableNonSecurity interface{} `json:"enableNonSecurity"`
	// The patch filter group that defines the criteria for the rule.
	PatchFilterGroup interface{} `json:"patchFilterGroup"`
}

The `Rule` property type specifies an approval rule for a Systems Manager patch baseline.

The `PatchRules` property of the [RuleGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-patchbaseline-rulegroup.html) property type contains a list of `Rule` property types.

TODO: EXAMPLE

type CfnResourceDataSync 

type CfnResourceDataSync interface {
	awscdk.CfnResource
	awscdk.IInspectable
	AttrSyncName() *string
	BucketName() *string
	SetBucketName(val *string)
	BucketPrefix() *string
	SetBucketPrefix(val *string)
	BucketRegion() *string
	SetBucketRegion(val *string)
	CfnOptions() awscdk.ICfnResourceOptions
	CfnProperties() *map[string]interface{}
	CfnResourceType() *string
	CreationStack() *[]*string
	KmsKeyArn() *string
	SetKmsKeyArn(val *string)
	LogicalId() *string
	Node() constructs.Node
	Ref() *string
	S3Destination() interface{}
	SetS3Destination(val interface{})
	Stack() awscdk.Stack
	SyncFormat() *string
	SetSyncFormat(val *string)
	SyncName() *string
	SetSyncName(val *string)
	SyncSource() interface{}
	SetSyncSource(val interface{})
	SyncType() *string
	SetSyncType(val *string)
	UpdatedProperites() *map[string]interface{}
	AddDeletionOverride(path *string)
	AddDependsOn(target awscdk.CfnResource)
	AddMetadata(key *string, value interface{})
	AddOverride(path *string, value interface{})
	AddPropertyDeletionOverride(propertyPath *string)
	AddPropertyOverride(propertyPath *string, value interface{})
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions)
	GetAtt(attributeName *string) awscdk.Reference
	GetMetadata(key *string) interface{}
	Inspect(inspector awscdk.TreeInspector)
	OverrideLogicalId(newLogicalId *string)
	RenderProperties(props *map[string]interface{}) *map[string]interface{}
	ShouldSynthesize() *bool
	ToString() *string
	ValidateProperties(_properties interface{})
}

A CloudFormation `AWS::SSM::ResourceDataSync`.

The `AWS::SSM::ResourceDataSync` resource creates, updates, or deletes a resource data sync for AWS Systems Manager . A resource data sync helps you view data from multiple sources in a single location. Systems Manager offers two types of resource data sync: `SyncToDestination` and `SyncFromSource` .

You can configure Systems Manager Inventory to use the `SyncToDestination` type to synchronize Inventory data from multiple AWS Regions to a single Amazon S3 bucket.

You can configure Systems Manager Explorer to use the `SyncFromSource` type to synchronize operational work items (OpsItems) and operational data (OpsData) from multiple AWS Regions . This type can synchronize OpsItems and OpsData from multiple AWS accounts and Regions or from an `EntireOrganization` by using AWS Organizations .

A resource data sync is an asynchronous operation that returns immediately. After a successful initial sync is completed, the system continuously syncs data.

By default, data is not encrypted in Amazon S3 . We strongly recommend that you enable encryption in Amazon S3 to ensure secure data storage. We also recommend that you secure access to the Amazon S3 bucket by creating a restrictive bucket policy.

For more information, see [Configuring Inventory Collection](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-inventory-configuring.html#sysman-inventory-datasync) and [Setting Up Systems Manager Explorer to Display Data from Multiple Accounts and Regions](https://docs.aws.amazon.com/systems-manager/latest/userguide/Explorer-resource-data-sync.html) in the *AWS Systems Manager User Guide* .

Important: The following *Syntax* section shows all fields that are supported for a resource data sync. The *Examples* section below shows the recommended way to specify configurations for each sync type. Please see the *Examples* section when you create your resource data sync.

TODO: EXAMPLE

func NewCfnResourceDataSync 

func NewCfnResourceDataSync(scope constructs.Construct, id *string, props *CfnResourceDataSyncProps) CfnResourceDataSync

Create a new `AWS::SSM::ResourceDataSync`.

type CfnResourceDataSyncProps 

type CfnResourceDataSyncProps struct {
	// A name for the resource data sync.
	SyncName *string `json:"syncName"`
	// The name of the S3 bucket where the aggregated data is stored.
	BucketName *string `json:"bucketName"`
	// An Amazon S3 prefix for the bucket.
	BucketPrefix *string `json:"bucketPrefix"`
	// The AWS Region with the S3 bucket targeted by the resource data sync.
	BucketRegion *string `json:"bucketRegion"`
	// The ARN of an encryption key for a destination in Amazon S3 .
	//
	// You can use a KMS key to encrypt inventory data in Amazon S3 . You must specify a key that exist in the same region as the destination Amazon S3 bucket.
	KmsKeyArn *string `json:"kmsKeyArn"`
	// Configuration information for the target S3 bucket.
	S3Destination interface{} `json:"s3Destination"`
	// A supported sync format.
	//
	// The following format is currently supported: JsonSerDe
	SyncFormat *string `json:"syncFormat"`
	// Information about the source where the data was synchronized.
	SyncSource interface{} `json:"syncSource"`
	// The type of resource data sync.
	//
	// If `SyncType` is `SyncToDestination` , then the resource data sync synchronizes data to an S3 bucket. If the `SyncType` is `SyncFromSource` then the resource data sync synchronizes data from AWS Organizations or from multiple AWS Regions .
	SyncType *string `json:"syncType"`
}

Properties for defining a `CfnResourceDataSync`.

TODO: EXAMPLE

type CfnResourceDataSync_AwsOrganizationsSourceProperty 

type CfnResourceDataSync_AwsOrganizationsSourceProperty struct {
	// If an AWS organization is present, this is either `OrganizationalUnits` or `EntireOrganization` .
	//
	// For `OrganizationalUnits` , the data is aggregated from a set of organization units. For `EntireOrganization` , the data is aggregated from the entire AWS organization.
	OrganizationSourceType *string `json:"organizationSourceType"`
	// The AWS Organizations organization units included in the sync.
	OrganizationalUnits *[]*string `json:"organizationalUnits"`
}

Information about the `AwsOrganizationsSource` resource data sync source.

A sync source of this type can synchronize data from AWS Organizations or, if an AWS organization isn't present, from multiple AWS Regions .

TODO: EXAMPLE

type CfnResourceDataSync_S3DestinationProperty 

type CfnResourceDataSync_S3DestinationProperty struct {
	// The name of the S3 bucket where the aggregated data is stored.
	BucketName *string `json:"bucketName"`
	// The AWS Region with the S3 bucket targeted by the resource data sync.
	BucketRegion *string `json:"bucketRegion"`
	// A supported sync format.
	//
	// The following format is currently supported: JsonSerDe
	SyncFormat *string `json:"syncFormat"`
	// An Amazon S3 prefix for the bucket.
	BucketPrefix *string `json:"bucketPrefix"`
	// The ARN of an encryption key for a destination in Amazon S3.
	//
	// Must belong to the same Region as the destination S3 bucket.
	KmsKeyArn *string `json:"kmsKeyArn"`
}

Information about the target S3 bucket for the resource data sync.

TODO: EXAMPLE

type CfnResourceDataSync_SyncSourceProperty 

type CfnResourceDataSync_SyncSourceProperty struct {
	// The `SyncSource` AWS Regions included in the resource data sync.
	SourceRegions *[]*string `json:"sourceRegions"`
	// The type of data source for the resource data sync.
	//
	// `SourceType` is either `AwsOrganizations` (if an organization is present in AWS Organizations ) or `SingleAccountMultiRegions` .
	SourceType *string `json:"sourceType"`
	// Information about the AwsOrganizationsSource resource data sync source.
	//
	// A sync source of this type can synchronize data from AWS Organizations .
	AwsOrganizationsSource interface{} `json:"awsOrganizationsSource"`
	// Whether to automatically synchronize and aggregate data from new AWS Regions when those Regions come online.
	IncludeFutureRegions interface{} `json:"includeFutureRegions"`
}

Information about the source of the data included in the resource data sync.

TODO: EXAMPLE

type CommonStringParameterAttributes 

type CommonStringParameterAttributes struct {
	// The name of the parameter store value.
	//
	// This value can be a token or a concrete string. If it is a concrete string
	// and includes "/" it must also be prefixed with a "/" (fully-qualified).
	ParameterName *string `json:"parameterName"`
	// Indicates of the parameter name is a simple name (i.e. does not include "/" separators).
	//
	// This is only required only if `parameterName` is a token, which means we
	// are unable to detect if the name is simple or "path-like" for the purpose
	// of rendering SSM parameter ARNs.
	//
	// If `parameterName` is not specified, `simpleName` must be `true` (or
	// undefined) since the name generated by AWS CloudFormation is always a
	// simple name.
	SimpleName *bool `json:"simpleName"`
}

Common attributes for string parameters.

TODO: EXAMPLE

type IParameter 

type IParameter interface {
	awscdk.IResource
	// Grants read (DescribeParameter, GetParameter, GetParameterHistory) permissions on the SSM Parameter.
	GrantRead(grantee awsiam.IGrantable) awsiam.Grant
	// Grants write (PutParameter) permissions on the SSM Parameter.
	GrantWrite(grantee awsiam.IGrantable) awsiam.Grant
	// The ARN of the SSM Parameter resource.
	ParameterArn() *string
	// The name of the SSM Parameter resource.
	ParameterName() *string
	// The type of the SSM Parameter resource.
	ParameterType() *string
}

An SSM Parameter reference.

type IStringListParameter 

type IStringListParameter interface {
	IParameter
	// The parameter value.
	//
	// Value must not nest another parameter. Do not use {{}} in the value. Values in the array
	// cannot contain commas (“,“).
	StringListValue() *[]*string
}

A StringList SSM Parameter.

func StringListParameter_FromStringListParameterName 

func StringListParameter_FromStringListParameterName(scope constructs.Construct, id *string, stringListParameterName *string) IStringListParameter

Imports an external parameter of type string list.

Returns a token and should not be parsed.

type IStringParameter 

type IStringParameter interface {
	IParameter
	// The parameter value.
	//
	// Value must not nest another parameter. Do not use {{}} in the value.
	StringValue() *string
}

A String SSM Parameter.

func StringParameter_FromSecureStringParameterAttributes 

func StringParameter_FromSecureStringParameterAttributes(scope constructs.Construct, id *string, attrs *SecureStringParameterAttributes) IStringParameter

Imports a secure string parameter from the SSM parameter store.

func StringParameter_FromStringParameterAttributes 

func StringParameter_FromStringParameterAttributes(scope constructs.Construct, id *string, attrs *StringParameterAttributes) IStringParameter

Imports an external string parameter with name and optional version.

func StringParameter_FromStringParameterName 

func StringParameter_FromStringParameterName(scope constructs.Construct, id *string, stringParameterName *string) IStringParameter

Imports an external string parameter by name.

type ParameterDataType 

type ParameterDataType string

SSM parameter data type. 

const (
	ParameterDataType_TEXT          ParameterDataType = "TEXT"
	ParameterDataType_AWS_EC2_IMAGE ParameterDataType = "AWS_EC2_IMAGE"
)

type ParameterOptions 

type ParameterOptions struct {
	// A regular expression used to validate the parameter value.
	//
	// For example, for String types with values restricted to
	// numbers, you can specify the following: “^\d+$“
	AllowedPattern *string `json:"allowedPattern"`
	// Information about the parameter that you want to add to the system.
	Description *string `json:"description"`
	// The name of the parameter.
	ParameterName *string `json:"parameterName"`
	// Indicates of the parameter name is a simple name (i.e. does not include "/" separators).
	//
	// This is only required only if `parameterName` is a token, which means we
	// are unable to detect if the name is simple or "path-like" for the purpose
	// of rendering SSM parameter ARNs.
	//
	// If `parameterName` is not specified, `simpleName` must be `true` (or
	// undefined) since the name generated by AWS CloudFormation is always a
	// simple name.
	SimpleName *bool `json:"simpleName"`
	// The tier of the string parameter.
	Tier ParameterTier `json:"tier"`
}

Properties needed to create a new SSM Parameter.

TODO: EXAMPLE

type ParameterTier 

type ParameterTier string

SSM parameter tier.

TODO: EXAMPLE 

const (
	ParameterTier_ADVANCED            ParameterTier = "ADVANCED"
	ParameterTier_INTELLIGENT_TIERING ParameterTier = "INTELLIGENT_TIERING"
	ParameterTier_STANDARD            ParameterTier = "STANDARD"
)

type ParameterType 

type ParameterType string

SSM parameter type. 

const (
	ParameterType_STRING           ParameterType = "STRING"
	ParameterType_SECURE_STRING    ParameterType = "SECURE_STRING"
	ParameterType_STRING_LIST      ParameterType = "STRING_LIST"
	ParameterType_AWS_EC2_IMAGE_ID ParameterType = "AWS_EC2_IMAGE_ID"
)

type SecureStringParameterAttributes 

type SecureStringParameterAttributes struct {
	// The name of the parameter store value.
	//
	// This value can be a token or a concrete string. If it is a concrete string
	// and includes "/" it must also be prefixed with a "/" (fully-qualified).
	ParameterName *string `json:"parameterName"`
	// Indicates of the parameter name is a simple name (i.e. does not include "/" separators).
	//
	// This is only required only if `parameterName` is a token, which means we
	// are unable to detect if the name is simple or "path-like" for the purpose
	// of rendering SSM parameter ARNs.
	//
	// If `parameterName` is not specified, `simpleName` must be `true` (or
	// undefined) since the name generated by AWS CloudFormation is always a
	// simple name.
	SimpleName *bool `json:"simpleName"`
	// The encryption key that is used to encrypt this parameter.
	EncryptionKey awskms.IKey `json:"encryptionKey"`
	// The version number of the value you wish to retrieve.
	Version *float64 `json:"version"`
}

Attributes for secure string parameters.

TODO: EXAMPLE

type StringListParameter 

type StringListParameter interface {
	awscdk.Resource
	IParameter
	IStringListParameter
	EncryptionKey() awskms.IKey
	Env() *awscdk.ResourceEnvironment
	Node() constructs.Node
	ParameterArn() *string
	ParameterName() *string
	ParameterType() *string
	PhysicalName() *string
	Stack() awscdk.Stack
	StringListValue() *[]*string
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	GetResourceNameAttribute(nameAttr *string) *string
	GrantRead(grantee awsiam.IGrantable) awsiam.Grant
	GrantWrite(grantee awsiam.IGrantable) awsiam.Grant
	ToString() *string
}

Creates a new StringList SSM Parameter.

TODO: EXAMPLE

func NewStringListParameter 

func NewStringListParameter(scope constructs.Construct, id *string, props *StringListParameterProps) StringListParameter

type StringListParameterProps 

type StringListParameterProps struct {
	// A regular expression used to validate the parameter value.
	//
	// For example, for String types with values restricted to
	// numbers, you can specify the following: “^\d+$“
	AllowedPattern *string `json:"allowedPattern"`
	// Information about the parameter that you want to add to the system.
	Description *string `json:"description"`
	// The name of the parameter.
	ParameterName *string `json:"parameterName"`
	// Indicates of the parameter name is a simple name (i.e. does not include "/" separators).
	//
	// This is only required only if `parameterName` is a token, which means we
	// are unable to detect if the name is simple or "path-like" for the purpose
	// of rendering SSM parameter ARNs.
	//
	// If `parameterName` is not specified, `simpleName` must be `true` (or
	// undefined) since the name generated by AWS CloudFormation is always a
	// simple name.
	SimpleName *bool `json:"simpleName"`
	// The tier of the string parameter.
	Tier ParameterTier `json:"tier"`
	// The values of the parameter.
	//
	// It may not reference another parameter and “{{}}“ cannot be used in the value.
	StringListValue *[]*string `json:"stringListValue"`
}

Properties needed to create a StringList SSM Parameter.

TODO: EXAMPLE

type StringParameter 

type StringParameter interface {
	awscdk.Resource
	IParameter
	IStringParameter
	EncryptionKey() awskms.IKey
	Env() *awscdk.ResourceEnvironment
	Node() constructs.Node
	ParameterArn() *string
	ParameterName() *string
	ParameterType() *string
	PhysicalName() *string
	Stack() awscdk.Stack
	StringValue() *string
	ApplyRemovalPolicy(policy awscdk.RemovalPolicy)
	GeneratePhysicalName() *string
	GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string
	GetResourceNameAttribute(nameAttr *string) *string
	GrantRead(grantee awsiam.IGrantable) awsiam.Grant
	GrantWrite(grantee awsiam.IGrantable) awsiam.Grant
	ToString() *string
}

Creates a new String SSM Parameter.

TODO: EXAMPLE

func NewStringParameter 

func NewStringParameter(scope constructs.Construct, id *string, props *StringParameterProps) StringParameter

type StringParameterAttributes 

type StringParameterAttributes struct {
	// The name of the parameter store value.
	//
	// This value can be a token or a concrete string. If it is a concrete string
	// and includes "/" it must also be prefixed with a "/" (fully-qualified).
	ParameterName *string `json:"parameterName"`
	// Indicates of the parameter name is a simple name (i.e. does not include "/" separators).
	//
	// This is only required only if `parameterName` is a token, which means we
	// are unable to detect if the name is simple or "path-like" for the purpose
	// of rendering SSM parameter ARNs.
	//
	// If `parameterName` is not specified, `simpleName` must be `true` (or
	// undefined) since the name generated by AWS CloudFormation is always a
	// simple name.
	SimpleName *bool `json:"simpleName"`
	// The type of the string parameter.
	Type ParameterType `json:"type"`
	// The version number of the value you wish to retrieve.
	Version *float64 `json:"version"`
}

Attributes for parameters of various types of string.

TODO: EXAMPLE

See: ParameterType

type StringParameterProps 

type StringParameterProps struct {
	// A regular expression used to validate the parameter value.
	//
	// For example, for String types with values restricted to
	// numbers, you can specify the following: “^\d+$“
	AllowedPattern *string `json:"allowedPattern"`
	// Information about the parameter that you want to add to the system.
	Description *string `json:"description"`
	// The name of the parameter.
	ParameterName *string `json:"parameterName"`
	// Indicates of the parameter name is a simple name (i.e. does not include "/" separators).
	//
	// This is only required only if `parameterName` is a token, which means we
	// are unable to detect if the name is simple or "path-like" for the purpose
	// of rendering SSM parameter ARNs.
	//
	// If `parameterName` is not specified, `simpleName` must be `true` (or
	// undefined) since the name generated by AWS CloudFormation is always a
	// simple name.
	SimpleName *bool `json:"simpleName"`
	// The tier of the string parameter.
	Tier ParameterTier `json:"tier"`
	// The value of the parameter.
	//
	// It may not reference another parameter and “{{}}“ cannot be used in the value.
	StringValue *string `json:"stringValue"`
	// The data type of the parameter, such as `text` or `aws:ec2:image`.
	DataType ParameterDataType `json:"dataType"`
	// The type of the string parameter.
	Type ParameterType `json:"type"`
}

Properties needed to create a String SSM parameter.

TODO: EXAMPLE

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.