AWS::SSM::Document - AWS CloudFormation

AWS::SSM::Document

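The AWS::SSM::Document resource creates a Systems Manager (SSM) document in AWS Systems Manager. This document defines the actions that Systems Manager performs on your AWS resources.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax: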

JSON

{
  "Type" : "AWS::SSM::Document",
  "Properties" : {
    "Content" : Json,
    "DocumentType" : String,
    "Name" : String,
    "Tags" : [ Tag, ... ]
  }
}

YAML

Type: AWS::SSM::Document
Properties:
  Content: Json
  DocumentType: String
  Name: String
  Tags:
    - Tag

Properties

Content

The content for the new SSM document, in JSON or YAML format.

Required: Yes

Type: Json

Minimum: 1

Update requires: Replacement

DocumentType

The type of document to create.

Allowed values: ApplicationConfigurationSchema | Automation | ChangeCalendar | Command | DeploymentStrategy | Package | Policy | Session

Required: No

Type: String

Update requires: Replacement

Name

A name for the Systems Manager document.

Important

You can't use the following strings as document name prefixes. AWS reserves these prefixes for document names:

  • aws-

  • amazon

  • amzn

Required: No

Type: String

Pattern: ^[a-zA-Z0-9_\-.]{3,128}$

Update requires: Replacement

Tags

AWS CloudFormation resource tags to apply to the document. Use tags to help you identify and categorize resources.

Required: No

Type: List of Tag

Maximum: 1000

Update requires: No interruption

Return values

Ref

When you pass the logical ID of this resource to the intrinsic Ref function, Ref returns the Systems Manager document name, such as MyNewSSMDocument.

For more information about using the Ref function, see Ref.

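Examples

Create a document that runs commands on EC2 Linux instances

The following SSM document runs the commands that you specify on the target EC2 Linux instances. You specify the value of the commands parameter when you run the document with Run Command.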

YAML

document:
  Type: AWS::SSM::Document
  Properties:
    Content:
      schemaVersion: '2.2'
      description: 'Run a script on Linux instances.'
      parameters:
        commands:
          type: String
          description: "(Required) The commands to run or the path to an existing script on the instance."
          default: 'echo Hello World'
      mainSteps:
      - action: aws:runShellScript
        name: runCommands
        inputs:
          timeoutSeconds: '60'
          runCommand:
          - "{{ commands }}"
    DocumentType: Command
    Name: 'CFN_2.2_command_example'

JSON

"document": {
  "Type": "AWS::SSM::Document",
  "Properties": {
    "Content": {
      "schemaVersion": "2.2",
      "description": "Run a script on Linux instances.",
      "parameters": {
        "commands": {
          "type": "String",
          "description": "(Required) The commands to run or the path to an existing script on the instance.",
          "default": "echo Hello World"
        }
      },
      "mainSteps": [
        {
          "action": "aws:runShellScript",
          "name": "runCommands",
          "inputs": {
            "timeoutSeconds": "60",
            "runCommand": [
              "{{ commands }}"
            ]
          }
        }
      ]
    },
    "DocumentType": "Command",
    "Name": "CFN_2.2_command_ex"
  }
}

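Join a managed instance to a directory in AWS Directory Service

The following SSM document joins instances to a directory in AWS Directory Service. Three runtime configuration parameters specify which directory the instance joins. You specify the values of these parameters when you associate the document with an instance.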

YAML

document:
  Type: AWS::SSM::Document
  Properties:
    Content:
      schemaVersion: '1.2'
      description: Join instances to an AWS Directory Service domain.
      parameters:
        directoryId:
          type: String
          description: "(Required) The ID of the AWS Directory Service directory."
        directoryName:
          type: String
          description: "(Required) The name of the directory. For example, test.example.com"
        dnsIpAddresses:
          type: StringList
          default: []
          description: "(Optional) The IP addresses of the DNS servers in the directory. Required when DHCP is not configured. For more information, see https://docs.aws.amazon.com/directoryservice/latest/admin-guide/simple_ad_dns.html"
          allowedPattern: "((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)"
      runtimeConfig:
        aws:domainJoin:
          properties:
            directoryId: "{{ directoryId}}"
            directoryName: "{{ directoryName }}"
            dnsIpAddresses: "{{ dnsIpAddresses }}"

JSON

"document" : {
  "Type": "AWS::SSM::Document",
  "Properties": {
    "Content": {
      "schemaVersion": "1.2",
      "description": "Join instances to an AWS Directory Service domain.",
      "parameters": {
        "directoryId": {
          "type": "String",
          "description": "(Required) The ID of the AWS Directory Service directory."
        },
        "directoryName": {
          "type": "String",
          "description": "(Required) The name of the directory. For example, test.example.com"
        },
        "dnsIpAddresses": {
          "type": "StringList",
          "default": [],
          "description": "(Optional) The IP addresses of the DNS servers in the directory. Required when DHCP is not configured. For more information, see https://docs.aws.amazon.com/directoryservice/latest/admin-guide/simple_ad_dns.html",
          "allowedPattern": "((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)"
        }
      },
      "runtimeConfig": {
        "aws:domainJoin": {
          "properties": {
            "directoryId": "{{ directoryId}}",
            "directoryName": "{{ directoryName }}",
            "dnsIpAddresses": "{{ dnsIpAddresses }}"
          }
        }
      }
    }
  }
}
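A pre-deployment check for the rules on this page, as an added example (not AWS tooling or code from this documentation): it validates Name against the documented pattern and reserved prefixes, and flags any parameter substituted into an aws:runShellScript step without an allowedPattern, as commands is in the first example, whereas dnsIpAddresses above carries one. The function name, the finding labels and the badName resource are assumptions made for the illustration.

```python
import json
import re

# Name constraints as stated on this page.
NAME_PATTERN = re.compile(r"^[a-zA-Z0-9_\-.]{3,128}$")
RESERVED_PREFIXES = ("aws-", "amazon", "amzn")
PLACEHOLDER = re.compile(r"\{\{\s*(\w+)\s*\}\}")  # matches {{ name }}


def lint_ssm_documents(template):
    """Return (logical_id, finding) pairs for AWS::SSM::Document resources."""
    findings = []
    for logical_id, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::SSM::Document":
            continue
        props = res.get("Properties", {})
        name = props.get("Name")
        if isinstance(name, str):  # intrinsic functions (dicts) are skipped
            if not NAME_PATTERN.fullmatch(name):
                findings.append((logical_id, "name-pattern"))
            if name.startswith(RESERVED_PREFIXES):
                findings.append((logical_id, "name-reserved-prefix"))
        content = props.get("Content")
        if not isinstance(content, dict):
            continue
        params = content.get("parameters", {})
        for step in content.get("mainSteps", []):
            if step.get("action") != "aws:runShellScript":
                continue
            # Every {{ parameter }} in the step inputs is substituted as text.
            refs = PLACEHOLDER.findall(json.dumps(step.get("inputs", {})))
            for ref in sorted(set(refs)):
                if "allowedPattern" not in params.get(ref, {}):
                    findings.append((logical_id, "unconstrained-shell-param:" + ref))
    return findings

# Constructed sample: this page's Run Command document plus a reserved-prefix name.
SAMPLE = json.loads("""{"Resources": {
  "document": {"Type": "AWS::SSM::Document", "Properties": {
    "DocumentType": "Command", "Name": "CFN_2.2_command_example",
    "Content": {"schemaVersion": "2.2",
      "parameters": {"commands": {"type": "String", "default": "echo Hello World"}},
      "mainSteps": [{"action": "aws:runShellScript", "name": "runCommands",
                     "inputs": {"runCommand": ["{{ commands }}"]}}]}}},
  "badName": {"Type": "AWS::SSM::Document", "Properties": {
    "Name": "aws-patch", "Content": {"schemaVersion": "2.2", "mainSteps": []}}}}}""")

if __name__ == "__main__":
    print(lint_ssm_documents(SAMPLE))
```

A finding on a document whose purpose is to run caller-supplied commands is a prompt to review who may invoke it, not necessarily a defect.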

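Associate an SSM document with an instance

The following example shows how to associate an SSM document with an instance. The DocumentName property specifies the SSM document, and the AssociationParameters property specifies the values for the runtime configuration parameters.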

YAML

myEC2:
  Type: AWS::EC2::Instance
  Properties:
    ImageId:
      Ref: myImageId
    InstanceType: t2.micro
    SsmAssociations:
    - DocumentName:
        Ref: document
      AssociationParameters:
      - Key: directoryId
        Value:
        - Ref: myDirectory
      - Key: directoryName
        Value:
        - testDirectory.example.com
      - Key: dnsIpAddresses
        Value:
          Fn::GetAtt:
          - myDirectory
          - DnsIpAddresses
    IamInstanceProfile:
      Ref: myInstanceProfile
    NetworkInterfaces:
    - DeviceIndex: '0'
      AssociatePublicIpAddress: 'true'
      SubnetId:
        Ref: mySubnet
    KeyName:
      Ref: myKeyName

JSON

"myEC2" : {
  "Type": "AWS::EC2::Instance",
  "Properties": {
    "ImageId": { "Ref": "myImageId" },
    "InstanceType": "t2.micro",
    "SsmAssociations": [
      {
        "DocumentName": { "Ref": "document" },
        "AssociationParameters": [
          {
            "Key": "directoryId",
            "Value": [ { "Ref": "myDirectory" } ]
          },
          {
            "Key": "directoryName",
            "Value": [ "testDirectory.example.com" ]
          },
          {
            "Key": "dnsIpAddresses",
            "Value": { "Fn::GetAtt": [ "myDirectory", "DnsIpAddresses" ] }
          }
        ]
      }
    ],
    "IamInstanceProfile": { "Ref": "myInstanceProfile" },
    "NetworkInterfaces": [
      {
        "DeviceIndex": "0",
        "AssociatePublicIpAddress": "true",
        "SubnetId": { "Ref": "mySubnet" }
      }
    ],
    "KeyName": { "Ref": "myKeyName" }
  }
}

See also