By using AWS re:Post, you agree to the Terms of Use

Questions tagged with AWS Systems Manager Incident Manager

Sort by most recent
  • 1
  • 12 / page

Browse through the questions and answers listed below or filter and sort to narrow down your results.

Utilizing values returned from SSM Document in a Parent/Child Document

I have a SSM Automation document which as one of its steps, calls another automation document which return two values. I can see the output from the call to the child document back in the parent document, but I can't seem to find a way to reference it. ``` Outputs ClientToken 38014768-65e1-4a3a-821d-9xxxxxxxxxx ExecutionId 38014768-65e1-4a3a-821d-97acxxxxxxxxxxx Output This is a message to pass into the updatefinding step, SUPPRESSED Status Success ``` If the output was in the parent document I would have used {{ParentDocumentStepName.outputvalue}}, but when I try that as {{ParentDocStepWhichCallsSubDocument.outputvalue}} it doesnt seem to resolve. Does anyone have any suggestions for things to try? Here is my parent document: ``` description: | ### Document Name - TestParent ## What does this document do? This is the parent for a test of Parent to child testing ## Input Parameters None ## Output Parameters None schemaVersion: '0.3' assumeRole: '' mainSteps: - name: Remediation action: 'aws:executeAutomation' isEnd: false inputs: DocumentName: TestChild RuntimeParameters: AutomationAssumeRole: 'arn:{{global:AWS_PARTITION}}:iam::{{global:ACCOUNT_ID}}:role/SO0111-ConfigureS3ServerAccessLogging' outputs: - Name: remediationOutputMessage Selector: $.Payload.RemediationResultStatus Type: String - Name: remediationOutputStatus Selector: $.Payload.RemediationResultMessage Type: String - name: UpdateFinding action: 'aws:executeScript' inputs: Runtime: python3.8 Handler: script_handler Script: |- def script_handler(events, context): print(events) return {'message': 'Hello'} InputPayload: message: '{{Remediation.remediationOutputMessage}}' description: Update finding isEnd: true ``` And here is my Child Document: ``` description: | ### Document Name - TestChild ## What does this document do? returns a json object fixed for testing ## Input Parameters * AutomationAssumeRole: (Required) The ARN of the role that allows Automation to perform the actions on your behalf. ## Output Parameters * Remediation Result Status * Remediation Result Status schemaVersion: '0.3' assumeRole: '{{ AutomationAssumeRole }}' outputs: - RemediateTargetBucket.RemediationResultStatus - RemediateTargetBucket.RemediationResultMessage parameters: AutomationAssumeRole: type: String description: (Required) The ARN of the role that allows Automation to perform the actions on your behalf. allowedPattern: '^arn:(aws[a-zA-Z-]*)?:iam::\d{12}:role/[\w+=,.@-]+' mainSteps: - name: RemediateTargetBucket action: 'aws:executeScript' description: | Returns a fixed json object ``` { 'message': 'This is a message to pass into the updatefinding step', 'resourceBucketName': 'bucket1', 'LoggingBucketName': 'bucket2', 'status': 'SUPPRESSED' } ``` timeoutSeconds: 60 isCritical: true isEnd: true inputs: Runtime: python3.8 Handler: lambda_handler Script: | import json def lambda_handler(event, context): return { 'message': 'This is a message to pass into the updatefinding step', 'resourceBucketName': 'bucket1', 'LoggingBucketName': 'bucket2', 'status': 'SUPPRESSED' } outputs: - Name: RemediationResultMessage Selector: $.Payload.message Type: String - Name: RemediationResultStatus Selector: $.Payload.status Type: String ```
asked 25 days ago
  • 1
  • 12 / page