- Hook Path
runway.cfngin.hooks.ssm.parameter.SecureString
Create, update, and delete a SecureString SSM parameter.
A SecureString parameter is any sensitive data that needs to be stored and referenced in a secure manner. If you have data that you don't want users to alter or reference in plaintext, such as passwords or license keys, create those parameters using the SecureString datatype.
When used in the ~cfngin.config.pre_deploy
or ~cfngin.config.post_deploy
stage this hook will create or update an SSM parameter.
When used in the ~cfngin.config.pre_destroy
or ~cfngin.config.post_destroy
stage this hook will delete an SSM parameter.
2.2.0
allowed_pattern
A regular expression used to validate the parameter value.
data_type
The data type for a String parameter. Supported data types include plain text and Amazon Machine Image IDs.
description
Information about the parameter.
force
Skip checking the current value of the parameter, just put it. Can be used alongside overwrite to always update a parameter.
key_id
The KMS Key ID that you want to use to encrypt a parameter. Either the default AWS Key Management Service (AWS KMS) key automatically assigned to your AWS account or a custom key.
name
The fully qualified name of the parameter that you want to add to the system.
overwrite
Allow overwriting an existing parameter. If this is set to False
and the parameter already exists, the parameter will not be updated and a warning will be logged.
policies
One or more policies to apply to a parameter. This field takes a JSON array.
tags
Tags to be applied to the parameter.
tier
The parameter tier to assign to a parameter.
value
The parameter value that you want to add to the system. Standard parameters have a value limit of 4 KB. Advanced parameters have a value limit of 8 KB.
If the value of this field is falsy, the parameter will not be created or updated.
If the value of this field matches what is already in SSM Parameter Store, it will not be updated unless force is True
.
pre_deploy: &hooks
- path: runway.cfngin.hooks.ssm.parameter.SecureString
args:
name: /example/foo
value: bar
- path: runway.cfngin.hooks.ssm.parameter.SecureString
args:
name: /example/parameter1
description: This is an example.
tags:
tag-key: tag-value
tier: Advanced
value: ${value_may_be_none}
- path: runway.cfngin.hooks.ssm.parameter.SecureString
args:
name: /example/parameter2
policies:
- Type: Expiration
Version: 1.0
Attributes:
Timestamp: 2018-12-02T21:34:33.000Z
tags:
- Key: tag-key
Value: tag-value
value: ${something_else}
post_destroy: *hooks