Resource: awsSsmResourceDataSync
Provides a SSM resource data sync.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
const awsS3BucketHoge = new aws.s3Bucket.S3Bucket(this, "hoge", {
bucket: "tf-test-bucket-1234",
});
new aws.ssmResourceDataSync.SsmResourceDataSync(this, "foo", {
name: "foo",
s3Destination: {
bucketName: awsS3BucketHoge.bucket,
region: awsS3BucketHoge.region,
},
});
const dataAwsIamPolicyDocumentHoge =
new aws.dataAwsIamPolicyDocument.DataAwsIamPolicyDocument(this, "hoge_2", {
statement: [
{
actions: ["s3:GetBucketAcl"],
effect: "Allow",
principals: [
{
identifiers: ["ssm.amazonaws.com"],
type: "Service",
},
],
resources: ["arn:aws:s3:::tf-test-bucket-1234"],
sid: "SSMBucketPermissionsCheck",
},
{
actions: ["s3:PutObject"],
condition: [
{
test: "StringEquals",
values: ["bucket-owner-full-control"],
variable: "s3:x-amz-acl",
},
],
effect: "Allow",
principals: [
{
identifiers: ["ssm.amazonaws.com"],
type: "Service",
},
],
resources: ["arn:aws:s3:::tf-test-bucket-1234/*"],
sid: "SSMBucketDelivery",
},
],
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
dataAwsIamPolicyDocumentHoge.overrideLogicalId("hoge");
const awsS3BucketPolicyHoge = new aws.s3BucketPolicy.S3BucketPolicy(
this,
"hoge_3",
{
bucket: awsS3BucketHoge.id,
policy: dataAwsIamPolicyDocumentHoge.json,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
awsS3BucketPolicyHoge.overrideLogicalId("hoge");
Argument Reference
The following arguments are supported:
name
- (Required) Name for the configuration.s3Destination
- (Required) Amazon S3 configuration details for the sync.
s3Destination
s3Destination
supports the following:
bucketName
- (Required) Name of S3 bucket where the aggregated data is stored.region
- (Required) Region with the bucket targeted by the Resource Data Sync.kmsKeyArn
- (Optional) ARN of an encryption key for a destination in Amazon S3.prefix
- (Optional) Prefix for the bucket.syncFormat
- (Optional) A supported sync format. Only JsonSerDe is currently supported. Defaults to JsonSerDe.
Attributes Reference
No additional attributes are exported.
Import
SSM resource data sync can be imported using the name
, e.g.,