How To Create An AWS System Manager (SSM) Document


Hello Everyone

Welcome to CloudAffaire and this is Debjeet.

In the last blog post, we discussed how to group your AWS resources with the AWS Resource Groups service using tags.

https://cloudaffaire.com/how-to-group-resources-in-aws-using-tags/

In this blog post, we will discuss how to create an AWS System Manager (SSM) document.

What Are AWS SSM Documents:

An AWS Systems Manager document (SSM document) defines the actions that SSM performs on your managed instances. SSM includes more than 100 pre-configured documents that you can use by specifying parameters at runtime. Documents use JSON or YAML, and they include steps and parameters that you specify. SSM documents support versioning and tagging, so you can manage different versions of the same document. You can make your documents public or share them with specific AWS accounts in the same AWS Region.

AWS SSM Document Type:

  • Command document: Run Command uses command documents to run commands. State Manager uses command documents to apply a configuration. Maintenance Windows uses command documents to apply a configuration based on the specified schedule.
  • Automation document: Automation uses automation documents to perform common maintenance and deployment tasks such as creating or updating an AMI. State Manager uses automation documents to apply a configuration. Maintenance Windows uses automation documents to perform common maintenance and deployment tasks based on the specified schedule.
  • Package document: SSM Distributor uses a package document that includes attached ZIP archive files that contain software or assets to install on managed instances.
  • Session document: Session Manager uses session documents to determine which type of session to start, such as a port forwarding session, a session to run an interactive command, or a session to create an SSH tunnel.
  • Policy document: Systems Manager Inventory uses the policy document with a State Manager association to collect inventory data from managed instances.
  • Change Calendar document: Systems Manager Change Calendar uses the ChangeCalendar document type to allow or prevent Automation actions from changing your environment.

SSM Documents Schema Versions:

  • Schema version 0.3: Documents of type Automation must use schema version 0.3.
  • Schema version 1.2: Documents of type Command can use schema version 1.2 or 2.2.
  • Schema version 2.2: Documents of type Policy must use schema version 2.0 or later.

SSM Documents Elements:

  • schemaVersion: (Required) The schema version to use, can be 0.3, 1.2, 2.0 or 2.2.
  • description: (Optional) Information you provide to describe the purpose of the document.
  • parameters: (Optional) A structure that defines the parameters the document accepts.
    • type: (Required) Allowed values include the following: String, StringList, Boolean, MapList, and StringMap.
    • description: (Optional) A description of the parameter.
    • default: (Optional) The default value of the parameter or a reference to a parameter in Parameter Store.
    • allowedValues: (Optional) An array of values allowed for the parameter.
    • allowedPattern: (Optional) A regular expression that validates whether the user input matches the defined pattern for the parameter.
    • displayType: (Optional) Used to display either a textfield or a textarea in the AWS Management Console.
    • minItems: (Optional) The minimum number of items allowed.
    • maxItems: (Optional) The maximum number of items allowed.
    • minChars: (Optional) The minimum number of parameter characters allowed.
    • maxChars: (Optional) The maximum number of parameter characters allowed.
  • runtimeConfig: (Optional) (Schema version 1.2 only) The configuration for the instance as applied by one or more Systems Manager plugins.
  • mainSteps: (Required) (Schema version 0.3, 2.0, and 2.2 only) An object that can include multiple steps (plugins).
  • outputs: (Optional) (Schema version 0.3 only) Data generated by the execution of this document that can be used in other processes.
  • files: (Optional) (Schema version 0.3 only) The script files (and their checksums) attached to the document and run during an automation execution.

How To Create An AWS System Manager (SSM) Document

Requirements:

AWS CLI installed and configured. You can follow the blog posts below to install and configure the AWS CLI.

https://cloudaffaire.com/how-to-install-aws-cli/

https://cloudaffaire.com/how-to-configure-aws-cli/

Step 1: Create the document content in YAML format and then create the SSM document using AWS CLI.

Step 2: Get SSM document details.

Step 3: Update the SSM document content.

Step 4: Update the SSM document version.

Step 5: Cleanup.
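
The five steps above as one script, using a schema 2.2 Command document that exercises the elements listed under "SSM Documents Elements". This is an added example, not the commands from the original post; the document name, file path and the `Message` parameter are assumptions.

```shell
#!/usr/bin/env bash
# Added example. DOC_NAME, DOC_FILE and the "Message" parameter are assumed names.
set -eu
DOC_NAME="${DOC_NAME:-example-echo-document}"
DOC_FILE="${DOC_FILE:-./example-echo-document.yaml}"
# {{ Message }} is substituted into the shell command before it runs on the
# instance, so allowedPattern limits it to characters with no shell meaning.
MSG_PATTERN='^[A-Za-z0-9 _.-]{1,64}$'

write_doc() {  # $1 = description; changing it gives step 3 new content
  cat > "$DOC_FILE" <<EOF
---
schemaVersion: "2.2"
description: "$1"
parameters:
  Message:
    type: String
    description: "Text to print on the managed instance"
    default: "hello"
    allowedPattern: "$MSG_PATTERN"
mainSteps:
  - action: aws:runShellScript
    name: printMessage
    inputs:
      runCommand:
        - echo "{{ Message }}"
EOF
}
create_doc() {   # Step 1
  write_doc "Echo document, first version"
  aws ssm create-document --name "$DOC_NAME" --document-type Command \
    --document-format YAML --content "file://$DOC_FILE"
}
describe_doc() { # Step 2: metadata, then the stored content
  aws ssm describe-document --name "$DOC_NAME"
  aws ssm get-document --name "$DOC_NAME" --document-format YAML
}
update_doc() {   # Step 3: creates a new version; the default version is unchanged
  write_doc "Echo document, second version"
  aws ssm update-document --name "$DOC_NAME" --document-version '$LATEST' \
    --document-format YAML --content "file://$DOC_FILE"
}
set_default() {  # Step 4: $1 = version number to make the default
  aws ssm update-document-default-version --name "$DOC_NAME" --document-version "$1"
}
cleanup() {      # Step 5
  aws ssm delete-document --name "$DOC_NAME"
  rm -f "$DOC_FILE"
}
if [ "$#" -gt 0 ]; then "$@"; fi  # e.g. ./ssm-doc.sh create_doc
```

Run one step at a time by passing the function name, for example `./ssm-doc.sh set_default 2` after `update_doc` has created version 2.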

Hope you have enjoyed this blog post. In the next blog post, we will execute this custom SSM document using the SSM Run Command feature. For more details on AWS SSM, please refer to the AWS documentation below.

https://docs.aws.amazon.com/systems-manager/index.html

 
