En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

Modify SSM Document using CDK

0

I want to share the ssm document with another account via CDK lib. I am able to do the same via console and aws-cli. below is the command for aws-cli2 aws ssm --profile=dsc-dev modify-document-permission
--name 'myRunbookCDK'
--permission-type Share
--account-ids-to-add '111111111111' But there seems to be nothing similar in CDK . could you pls confirm if we can achieve the same via CDK and how?

Sujets
Gestion et gouvernance
Balises
Gestionnaire de systèmes AWS
Langue
English
dsc-dev
demandé il y a 2 ans951 vues
1 réponse
0

Hello! I understand that you'd like to modify the permissions of the AWS Systems Manager document created using CDK. CDK uses AWS CloudFormation to provision the resources defined in code. Currently, when a SSM document is defined using the CfnDocument construct the resource is provisioned using the AWS::SSM::Document resource type. Currently, this resource type doesn't support updating the permissions of a document. As a result, modifying permissions of a document is not supported via CDK.

That being said, I have created a feature request for supporting permission management via the AWS::SSM:Document resource type. This request can be tracked here.

In the meantime, it is possible to leverage CustomResources construct to perform the ModifyDocumentPermission API call and manage permissions for the SSM document via the same CDK application. An example for using custom-resources is available here.

Please let us know if you have any questions.

AWS
Deepak
répondu il y a 2 ans

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents