Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

Modify SSM Document using CDK

0

I want to share the ssm document with another account via CDK lib. I am able to do the same via console and aws-cli. below is the command for aws-cli2 aws ssm --profile=dsc-dev modify-document-permission
--name 'myRunbookCDK'
--permission-type Share
--account-ids-to-add '111111111111' But there seems to be nothing similar in CDK . could you pls confirm if we can achieve the same via CDK and how?

Tópicos
Gestão e governança
Tags
Gerenciador de sistemas da AWS
Idioma
English
dsc-dev
feita há 2 anos951 visualizações
1 Resposta
0

Hello! I understand that you'd like to modify the permissions of the AWS Systems Manager document created using CDK. CDK uses AWS CloudFormation to provision the resources defined in code. Currently, when a SSM document is defined using the CfnDocument construct the resource is provisioned using the AWS::SSM::Document resource type. Currently, this resource type doesn't support updating the permissions of a document. As a result, modifying permissions of a document is not supported via CDK.

That being said, I have created a feature request for supporting permission management via the AWS::SSM:Document resource type. This request can be tracked here.

In the meantime, it is possible to leverage CustomResources construct to perform the ModifyDocumentPermission API call and manage permissions for the SSM document via the same CDK application. An example for using custom-resources is available here.

Please let us know if you have any questions.

AWS
Deepak
respondido há 2 anos

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante