Skip to content

Resource: awsSsmActivation

Registers an on-premises server or virtual machine with Amazon EC2 so that it can be managed using Run Command.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const dataAwsIamPolicyDocumentAssumeRole =
  new aws.dataAwsIamPolicyDocument.DataAwsIamPolicyDocument(
    this,
    "assume_role",
    {
      statement: [
        {
          actions: ["sts:AssumeRole"],
          effect: "Allow",
          principals: [
            {
              identifiers: ["ssm.amazonaws.com"],
              type: "Service",
            },
          ],
        },
      ],
    }
  );
const awsIamRoleTestRole = new aws.iamRole.IamRole(this, "test_role", {
  assumeRolePolicy: dataAwsIamPolicyDocumentAssumeRole.json,
  name: "test_role",
});
const awsIamRolePolicyAttachmentTestAttach =
  new aws.iamRolePolicyAttachment.IamRolePolicyAttachment(this, "test_attach", {
    policyArn: "arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore",
    role: awsIamRoleTestRole.name,
  });
new aws.ssmActivation.SsmActivation(this, "foo", {
  depends_on: [`\${${awsIamRolePolicyAttachmentTestAttach.fqn}}`],
  description: "Test",
  iamRole: awsIamRoleTestRole.id,
  name: "test_ssm_activation",
  registrationLimit: "5",
});

Argument Reference

The following arguments are supported:

  • name - (Optional) The default name of the registered managed instance.
  • description - (Optional) The description of the resource that you want to register.
  • expirationDate - (Optional) UTC timestamp in RFC3339 format by which this activation request should expire. The default value is 24 hours from resource creation time. Terraform will only perform drift detection of its value when present in a configuration.
  • iamRole - (Required) The IAM Role to attach to the managed instance.
  • registrationLimit - (Optional) The maximum number of managed instances you want to register. The default value is 1 instance.
  • tags - (Optional) A map of tags to assign to the object. If configured with a provider defaultTags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • id - The activation ID.
  • activationCode - The code the system generates when it processes the activation.
  • name - The default name of the registered managed instance.
  • description - The description of the resource that was registered.
  • expired - If the current activation has expired.
  • expirationDate - The date by which this activation request should expire. The default value is 24 hours.
  • iamRole - The IAM Role attached to the managed instance.
  • registrationLimit - The maximum number of managed instances you want to be registered. The default value is 1 instance.
  • registrationCount - The number of managed instances that are currently registered using this activation.
  • tagsAll - A map of tags assigned to the resource, including those inherited from the provider defaultTags configuration block.

Import

AWS SSM Activation can be imported using the id, e.g.,

$ terraform import aws_ssm_activation.example e488f2f6-e686-4afb-8a04-ef6dfEXAMPLE

-> Note: The activationCode attribute cannot be imported.