Note:

You are viewing the documentation for an older major version of the AWS CLI (version 1).

AWS CLI version 2, the latest major version of AWS CLI, is now stable and recommended for general use. To view this page for the AWS CLI version 2, click here. For more information see the AWS CLI version 2 installation instructions and migration guide.

[ aws . ssm ]

create-document

Description

Creates a Amazon Web Services Systems Manager (SSM document). An SSM document defines the actions that Systems Manager performs on your managed nodes. For more information about SSM documents, including information about supported schemas, features, and syntax, see Amazon Web Services Systems Manager Documents in the Amazon Web Services Systems Manager User Guide .

See also: AWS API Documentation

Synopsis

  create-document
--content <value>
[--requires <value>]
[--attachments <value>]
--name <value>
[--display-name <value>]
[--version-name <value>]
[--document-type <value>]
[--document-format <value>]
[--target-type <value>]
[--tags <value>]
[--cli-input-json <value>]
[--generate-cli-skeleton <value>]
[--debug]
[--endpoint-url <value>]
[--no-verify-ssl]
[--no-paginate]
[--output <value>]
[--query <value>]
[--profile <value>]
[--region <value>]
[--version <value>]
[--color <value>]
[--no-sign-request]
[--ca-bundle <value>]
[--cli-read-timeout <value>]
[--cli-connect-timeout <value>]

Options

--content (string)

The content for the new SSM document in JSON or YAML format. The content of the document must not exceed 64KB. This quota also includes the content specified for input parameters at runtime. We recommend storing the contents for your new document in an external JSON or YAML file and referencing the file in a command.

For examples, see the following topics in the Amazon Web Services Systems Manager User Guide .

--requires (list)

A list of SSM documents required by a document. This parameter is used exclusively by AppConfig. When a user creates an AppConfig configuration in an SSM document, the user must also specify a required document for validation purposes. In this case, an ApplicationConfiguration document requires an ApplicationConfigurationSchema document for validation purposes. For more information, see What is AppConfig? in the AppConfig User Guide .

(structure)

An SSM document required by the current document.

Name -> (string)

The name of the required SSM document. The name can be an Amazon Resource Name (ARN).

Version -> (string)

The document version required by the current document.

RequireType -> (string)

The document type of the required SSM document.

VersionName -> (string)

An optional field specifying the version of the artifact associated with the document. For example, 12.6. This value is unique across all versions of a document, and can't be changed.

Shorthand Syntax:

Name=string,Version=string,RequireType=string,VersionName=string ...

JSON Syntax:

[
  {
    "Name": "string",
    "Version": "string",
    "RequireType": "string",
    "VersionName": "string"
  }
  ...
]

--attachments (list)

A list of key-value pairs that describe attachments to a version of a document.

(structure)

Identifying information about a document attachment, including the file name and a key-value pair that identifies the location of an attachment to a document.

Key -> (string)

The key of a key-value pair that identifies the location of an attachment to a document.

Values -> (list)

The value of a key-value pair that identifies the location of an attachment to a document. The format for Value depends on the type of key you specify.

  • For the key SourceUrl , the value is an S3 bucket location. For example: "Values": [ "s3://doc-example-bucket/my-folder" ]
  • For the key S3FileUrl , the value is a file in an S3 bucket. For example: "Values": [ "s3://doc-example-bucket/my-folder/my-file.py" ]
  • For the key AttachmentReference , the value is constructed from the name of another SSM document in your account, a version number of that document, and a file attached to that document version that you want to reuse. For example: "Values": [ "MyOtherDocument/3/my-other-file.py" ] However, if the SSM document is shared with you from another account, the full SSM document ARN must be specified instead of the document name only. For example: "Values": [ "arn:aws:ssm:us-east-2:111122223333:document/OtherAccountDocument/3/their-file.py" ]

(string)

Name -> (string)

The name of the document attachment file.

Shorthand Syntax:

Key=string,Values=string,string,Name=string ...

JSON Syntax:

[
  {
    "Key": "SourceUrl"|"S3FileUrl"|"AttachmentReference",
    "Values": ["string", ...],
    "Name": "string"
  }
  ...
]

--name (string)

A name for the SSM document.

Warning

You can't use the following strings as document name prefixes. These are reserved by Amazon Web Services for use as document name prefixes:

  • aws
  • amazon
  • amzn

--display-name (string)

An optional field where you can specify a friendly name for the SSM document. This value can differ for each version of the document. You can update this value at a later time using the UpdateDocument operation.

--version-name (string)

An optional field specifying the version of the artifact you are creating with the document. For example, Release12.1 . This value is unique across all versions of a document, and can't be changed.

--document-type (string)

The type of document to create.

Note

The DeploymentStrategy document type is an internal-use-only document type reserved for AppConfig.

Possible values:

  • Command
  • Policy
  • Automation
  • Session
  • Package
  • ApplicationConfiguration
  • ApplicationConfigurationSchema
  • DeploymentStrategy
  • ChangeCalendar
  • Automation.ChangeTemplate
  • ProblemAnalysis
  • ProblemAnalysisTemplate
  • CloudFormation
  • ConformancePackTemplate
  • QuickSetup

--document-format (string)

Specify the document format for the request. The document format can be JSON, YAML, or TEXT. JSON is the default format.

Possible values:

  • YAML
  • JSON
  • TEXT

--target-type (string)

Specify a target type to define the kinds of resources the document can run on. For example, to run a document on EC2 instances, specify the following value: /AWS::EC2::Instance . If you specify a value of '/' the document can run on all types of resources. If you don't specify a value, the document can't run on any resources. For a list of valid resource types, see Amazon Web Services resource and property types reference in the CloudFormation User Guide .

--tags (list)

Optional metadata that you assign to a resource. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag an SSM document to identify the types of targets or the environment where it will run. In this case, you could specify the following key-value pairs:

  • Key=OS,Value=Windows
  • Key=Environment,Value=Production

Note

To add tags to an existing SSM document, use the AddTagsToResource operation.

(structure)

Metadata that you assign to your Amazon Web Services resources. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment. In Amazon Web Services Systems Manager, you can apply tags to Systems Manager documents (SSM documents), managed nodes, maintenance windows, parameters, patch baselines, OpsItems, and OpsMetadata.

Key -> (string)

The name of the tag.

Value -> (string)

The value of the tag.

Shorthand Syntax:

Key=string,Value=string ...

JSON Syntax:

[
  {
    "Key": "string",
    "Value": "string"
  }
  ...
]

--cli-input-json (string) Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, the CLI values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

Global Options

--debug (boolean)

Turn on debug logging.

--endpoint-url (string)

Override command's default URL with the given URL.

--no-verify-ssl (boolean)

By default, the AWS CLI uses SSL when communicating with AWS services. For each SSL connection, the AWS CLI will verify SSL certificates. This option overrides the default behavior of verifying SSL certificates.

--no-paginate (boolean)

Disable automatic pagination.

--output (string)

The formatting style for command output.

  • json
  • text
  • table

--query (string)

A JMESPath query to use in filtering the response data.

--profile (string)

Use a specific profile from your credential file.

--region (string)

The region to use. Overrides config/env settings.

--version (string)

Display the version of this tool.

--color (string)

Turn on/off color output.

  • on
  • off
  • auto

--no-sign-request (boolean)

Do not sign requests. Credentials will not be loaded if this argument is provided.

--ca-bundle (string)

The CA certificate bundle to use when verifying SSL certificates. Overrides config/env settings.

--cli-read-timeout (int)

The maximum socket read time in seconds. If the value is set to 0, the socket read will be blocking and not timeout. The default value is 60 seconds.

--cli-connect-timeout (int)

The maximum socket connect time in seconds. If the value is set to 0, the socket connect will be blocking and not timeout. The default value is 60 seconds.

Examples

Note

To use the following examples, you must have the AWS CLI installed and configured. See the Getting started guide in the AWS CLI User Guide for more information.

Unless otherwise stated, all examples have unix-like quotation rules. These examples will need to be adapted to your terminal's quoting rules. See Using quotation marks with strings in the AWS CLI User Guide .

To create a document

The following create-document example creates a Systems Manager document.

aws ssm create-document \
    --content file://exampleDocument.yml \
    --name "Example" \
    --document-type "Automation" \
    --document-format YAML

Output:

{
    "DocumentDescription": {
        "Hash": "fc2410281f40779e694a8b95975d0f9f316da8a153daa94e3d9921102EXAMPLE",
        "HashType": "Sha256",
        "Name": "Example",
        "Owner": "29884EXAMPLE",
        "CreatedDate": 1583256349.452,
        "Status": "Creating",
        "DocumentVersion": "1",
        "Description": "Document Example",
        "Parameters": [
            {
                "Name": "AutomationAssumeRole",
                "Type": "String",
                "Description": "(Required) The ARN of the role that allows Automation to perform the actions on your behalf. If no role is specified, Systems Manager Automation uses your IAM permissions to execute this document.",
                "DefaultValue": ""
            },
            {
                "Name": "InstanceId",
                "Type": "String",
                "Description": "(Required) The ID of the Amazon EC2 instance.",
                "DefaultValue": ""
            }
        ],
        "PlatformTypes": [
            "Windows",
            "Linux"
        ],
        "DocumentType": "Automation",
        "SchemaVersion": "0.3",
        "LatestVersion": "1",
        "DefaultVersion": "1",
        "DocumentFormat": "YAML",
        "Tags": []
    }
}

For more information, see Creating Systems Manager Documents in the AWS Systems Manager User Guide.

Output

DocumentDescription -> (structure)

Information about the SSM document.

Sha1 -> (string)

The SHA1 hash of the document, which you can use for verification.

Hash -> (string)

The Sha256 or Sha1 hash created by the system when the document was created.

Note

Sha1 hashes have been deprecated.

HashType -> (string)

The hash type of the document. Valid values include Sha256 or Sha1 .

Note

Sha1 hashes have been deprecated.

Name -> (string)

The name of the SSM document.

DisplayName -> (string)

The friendly name of the SSM document. This value can differ for each version of the document. If you want to update this value, see UpdateDocument .

VersionName -> (string)

The version of the artifact associated with the document.

Owner -> (string)

The Amazon Web Services user that created the document.

CreatedDate -> (timestamp)

The date when the document was created.

Status -> (string)

The status of the SSM document.

StatusInformation -> (string)

A message returned by Amazon Web Services Systems Manager that explains the Status value. For example, a Failed status might be explained by the StatusInformation message, "The specified S3 bucket doesn't exist. Verify that the URL of the S3 bucket is correct."

DocumentVersion -> (string)

The document version.

Description -> (string)

A description of the document.

Parameters -> (list)

A description of the parameters for a document.

(structure)

Parameters specified in a Systems Manager document that run on the server when the command is run.

Name -> (string)

The name of the parameter.

Type -> (string)

The type of parameter. The type can be either String or StringList.

Description -> (string)

A description of what the parameter does, how to use it, the default value, and whether or not the parameter is optional.

DefaultValue -> (string)

If specified, the default values for the parameters. Parameters without a default value are required. Parameters with a default value are optional.

PlatformTypes -> (list)

The list of operating system (OS) platforms compatible with this SSM document.

(string)

DocumentType -> (string)

The type of document.

SchemaVersion -> (string)

The schema version.

LatestVersion -> (string)

The latest version of the document.

DefaultVersion -> (string)

The default version.

DocumentFormat -> (string)

The document format, either JSON or YAML.

TargetType -> (string)

The target type which defines the kinds of resources the document can run on. For example, /AWS::EC2::Instance . For a list of valid resource types, see Amazon Web Services resource and property types reference in the CloudFormation User Guide .

Tags -> (list)

The tags, or metadata, that have been applied to the document.

(structure)

Metadata that you assign to your Amazon Web Services resources. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment. In Amazon Web Services Systems Manager, you can apply tags to Systems Manager documents (SSM documents), managed nodes, maintenance windows, parameters, patch baselines, OpsItems, and OpsMetadata.

Key -> (string)

The name of the tag.

Value -> (string)

The value of the tag.

AttachmentsInformation -> (list)

Details about the document attachments, including names, locations, sizes, and so on.

(structure)

An attribute of an attachment, such as the attachment name.

Name -> (string)

The name of the attachment.

Requires -> (list)

A list of SSM documents required by a document. For example, an ApplicationConfiguration document requires an ApplicationConfigurationSchema document.

(structure)

An SSM document required by the current document.

Name -> (string)

The name of the required SSM document. The name can be an Amazon Resource Name (ARN).

Version -> (string)

The document version required by the current document.

RequireType -> (string)

The document type of the required SSM document.

VersionName -> (string)

An optional field specifying the version of the artifact associated with the document. For example, 12.6. This value is unique across all versions of a document, and can't be changed.

Author -> (string)

The user in your organization who created the document.

ReviewInformation -> (list)

Details about the review of a document.

(structure)

Information about the result of a document review request.

ReviewedTime -> (timestamp)

The time that the reviewer took action on the document review request.

Status -> (string)

The current status of the document review request.

Reviewer -> (string)

The reviewer assigned to take action on the document review request.

ApprovedVersion -> (string)

The version of the document currently approved for use in the organization.

PendingReviewVersion -> (string)

The version of the document that is currently under review.

ReviewStatus -> (string)

The current status of the review.

Category -> (list)

The classification of a document to help you identify and categorize its use.

(string)

CategoryEnum -> (list)

The value that identifies a document's category.

(string)