The cfn-lambda-ssm-secret
function create a secret value and put to AWS::SSM::Parameter
- Using
MasterUserPassword
of AWS::RDS::DBCluster - Want to put secret for application such as
BasicAuthentication
Resources:
Secret:
Type: Custom::SsmSecret
Properties:
ServiceToken: !ImportValue cfn-lambda-ssm-secret:LambdaArn
Name: /demo/cfn-lambda/ssm-secret/secret
Outputs:
OutputSecret:
Value: !GetAtt Secret.Secret
- Docs
- Required: Yes
- Update requires: Replacement
- Character pattern to create a secret string.
- Default: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789
- Required: No
- Update requires: No interruption
- Character length to create a secret string.
- Default: 32
- Required: No
- Update requires: No interruption
- The policies are used by creation phase of AWS CloudFormation.
- Support values:
- UseIfExists
- If ssm parameter already exists, this function use this value.
- Overwrite
- If ssm parameter already exists, this function overwrite value.
- UseIfExists
- Required: No
- Update requires: No interruption
- The policies are user by update phase of AWS CloudFormation.
- Support values:
- Retain
- Do not update the value in any case, Even if the
Pattern
orLength
has changed.
- Do not update the value in any case, Even if the
- Retain
- Required: No
- Update requires: No interruption
- The policies are user by deletion phase of AWS CloudFormation.
- Support values:
- Retain
- Do not delete the value of
SSM::Parameter
.
- Do not delete the value of
- IgnoreError
- Ignore same error.
- Retain
- Required: No
- Update requires: No interruption