1 | import * as iam from '@aws-cdk/aws-iam';
|
2 | import * as kms from '@aws-cdk/aws-kms';
|
3 | import { Construct as CompatConstruct, IResource, Resource } from '@aws-cdk/core';
|
4 | import { Construct } from 'constructs';
|
5 | /**
|
6 | * An SSM Parameter reference.
|
7 | */
|
8 | export interface IParameter extends IResource {
|
9 | /**
|
10 | * The ARN of the SSM Parameter resource.
|
11 | * @attribute
|
12 | */
|
13 | readonly parameterArn: string;
|
14 | /**
|
15 | * The name of the SSM Parameter resource.
|
16 | * @attribute
|
17 | */
|
18 | readonly parameterName: string;
|
19 | /**
|
20 | * The type of the SSM Parameter resource.
|
21 | * @attribute
|
22 | */
|
23 | readonly parameterType: string;
|
24 | /**
|
25 | * Grants read (DescribeParameter, GetParameter, GetParameterHistory) permissions on the SSM Parameter.
|
26 | *
|
27 | * @param grantee the role to be granted read-only access to the parameter.
|
28 | */
|
29 | grantRead(grantee: iam.IGrantable): iam.Grant;
|
30 | /**
|
31 | * Grants write (PutParameter) permissions on the SSM Parameter.
|
32 | *
|
33 | * @param grantee the role to be granted write access to the parameter.
|
34 | */
|
35 | grantWrite(grantee: iam.IGrantable): iam.Grant;
|
36 | }
|
37 | /**
|
38 | * A String SSM Parameter.
|
39 | */
|
40 | export interface IStringParameter extends IParameter {
|
41 | /**
|
42 | * The parameter value. Value must not nest another parameter. Do not use {{}} in the value.
|
43 | *
|
44 | * @attribute Value
|
45 | */
|
46 | readonly stringValue: string;
|
47 | }
|
48 | /**
|
49 | * A StringList SSM Parameter.
|
50 | */
|
51 | export interface IStringListParameter extends IParameter {
|
52 | /**
|
53 | * The parameter value. Value must not nest another parameter. Do not use {{}} in the value. Values in the array
|
54 | * cannot contain commas (``,``).
|
55 | *
|
56 | * @attribute Value
|
57 | */
|
58 | readonly stringListValue: string[];
|
59 | }
|
60 | /**
|
61 | * Properties needed to create a new SSM Parameter.
|
62 | */
|
63 | export interface ParameterOptions {
|
64 | /**
|
65 | * A regular expression used to validate the parameter value. For example, for String types with values restricted to
|
66 | * numbers, you can specify the following: ``^\d+$``
|
67 | *
|
68 | * @default no validation is performed
|
69 | */
|
70 | readonly allowedPattern?: string;
|
71 | /**
|
72 | * Information about the parameter that you want to add to the system.
|
73 | *
|
74 | * @default none
|
75 | */
|
76 | readonly description?: string;
|
77 | /**
|
78 | * The name of the parameter.
|
79 | *
|
80 | * @default - a name will be generated by CloudFormation
|
81 | */
|
82 | readonly parameterName?: string;
|
83 | /**
|
84 | * Indicates of the parameter name is a simple name (i.e. does not include "/"
|
85 | * separators).
|
86 | *
|
87 | * This is only required only if `parameterName` is a token, which means we
|
88 | * are unable to detect if the name is simple or "path-like" for the purpose
|
89 | * of rendering SSM parameter ARNs.
|
90 | *
|
91 | * If `parameterName` is not specified, `simpleName` must be `true` (or
|
92 | * undefined) since the name generated by AWS CloudFormation is always a
|
93 | * simple name.
|
94 | *
|
95 | * @default - auto-detect based on `parameterName`
|
96 | */
|
97 | readonly simpleName?: boolean;
|
98 | /**
|
99 | * The tier of the string parameter
|
100 | *
|
101 | * @default - undefined
|
102 | */
|
103 | readonly tier?: ParameterTier;
|
104 | }
|
105 | /**
|
106 | * Properties needed to create a String SSM parameter.
|
107 | */
|
108 | export interface StringParameterProps extends ParameterOptions {
|
109 | /**
|
110 | * The value of the parameter. It may not reference another parameter and ``{{}}`` cannot be used in the value.
|
111 | */
|
112 | readonly stringValue: string;
|
113 | /**
|
114 | * The type of the string parameter
|
115 | *
|
116 | * @default ParameterType.STRING
|
117 | */
|
118 | readonly type?: ParameterType;
|
119 | /**
|
120 | * The data type of the parameter, such as `text` or `aws:ec2:image`.
|
121 | *
|
122 | * @default ParameterDataType.TEXT
|
123 | */
|
124 | readonly dataType?: ParameterDataType;
|
125 | }
|
126 | /**
|
127 | * Properties needed to create a StringList SSM Parameter
|
128 | */
|
129 | export interface StringListParameterProps extends ParameterOptions {
|
130 | /**
|
131 | * The values of the parameter. It may not reference another parameter and ``{{}}`` cannot be used in the value.
|
132 | */
|
133 | readonly stringListValue: string[];
|
134 | }
|
135 | /**
|
136 | * Basic features shared across all types of SSM Parameters.
|
137 | */
|
138 | declare abstract class ParameterBase extends Resource implements IParameter {
|
139 | abstract readonly parameterArn: string;
|
140 | abstract readonly parameterName: string;
|
141 | abstract readonly parameterType: string;
|
142 | /**
|
143 | * The encryption key that is used to encrypt this parameter.
|
144 | *
|
145 | * * @default - default master key
|
146 | */
|
147 | readonly encryptionKey?: kms.IKey;
|
148 | grantRead(grantee: iam.IGrantable): iam.Grant;
|
149 | grantWrite(grantee: iam.IGrantable): iam.Grant;
|
150 | }
|
151 | /**
|
152 | * SSM parameter type
|
153 | */
|
154 | export declare enum ParameterType {
|
155 | /**
|
156 | * String
|
157 | */
|
158 | STRING = "String",
|
159 | /**
|
160 | * Secure String
|
161 | *
|
162 | * Parameter Store uses an AWS Key Management Service (KMS) customer master key (CMK) to encrypt the parameter value.
|
163 | * Parameters of type SecureString cannot be created directly from a CDK application.
|
164 | */
|
165 | SECURE_STRING = "SecureString",
|
166 | /**
|
167 | * String List
|
168 | */
|
169 | STRING_LIST = "StringList",
|
170 | /**
|
171 | * An Amazon EC2 image ID, such as ami-0ff8a91507f77f867
|
172 | */
|
173 | AWS_EC2_IMAGE_ID = "AWS::EC2::Image::Id"
|
174 | }
|
175 | /**
|
176 | * SSM parameter data type
|
177 | */
|
178 | export declare enum ParameterDataType {
|
179 | /**
|
180 | * Text
|
181 | */
|
182 | TEXT = "text",
|
183 | /**
|
184 | * Aws Ec2 Image
|
185 | */
|
186 | AWS_EC2_IMAGE = "aws:ec2:image"
|
187 | }
|
188 | /**
|
189 | * SSM parameter tier
|
190 | */
|
191 | export declare enum ParameterTier {
|
192 | /**
|
193 | * String
|
194 | */
|
195 | ADVANCED = "Advanced",
|
196 | /**
|
197 | * String
|
198 | */
|
199 | INTELLIGENT_TIERING = "Intelligent-Tiering",
|
200 | /**
|
201 | * String
|
202 | */
|
203 | STANDARD = "Standard"
|
204 | }
|
205 | /**
|
206 | * Common attributes for string parameters.
|
207 | */
|
208 | export interface CommonStringParameterAttributes {
|
209 | /**
|
210 | * The name of the parameter store value.
|
211 | *
|
212 | * This value can be a token or a concrete string. If it is a concrete string
|
213 | * and includes "/" it must also be prefixed with a "/" (fully-qualified).
|
214 | */
|
215 | readonly parameterName: string;
|
216 | /**
|
217 | * Indicates of the parameter name is a simple name (i.e. does not include "/"
|
218 | * separators).
|
219 | *
|
220 | * This is only required only if `parameterName` is a token, which means we
|
221 | * are unable to detect if the name is simple or "path-like" for the purpose
|
222 | * of rendering SSM parameter ARNs.
|
223 | *
|
224 | * If `parameterName` is not specified, `simpleName` must be `true` (or
|
225 | * undefined) since the name generated by AWS CloudFormation is always a
|
226 | * simple name.
|
227 | *
|
228 | * @default - auto-detect based on `parameterName`
|
229 | */
|
230 | readonly simpleName?: boolean;
|
231 | }
|
232 | /**
|
233 | * Attributes for parameters of various types of string.
|
234 | *
|
235 | * @see ParameterType
|
236 | */
|
237 | export interface StringParameterAttributes extends CommonStringParameterAttributes {
|
238 | /**
|
239 | * The version number of the value you wish to retrieve.
|
240 | *
|
241 | * @default The latest version will be retrieved.
|
242 | */
|
243 | readonly version?: number;
|
244 | /**
|
245 | * The type of the string parameter
|
246 | *
|
247 | * @default ParameterType.STRING
|
248 | */
|
249 | readonly type?: ParameterType;
|
250 | }
|
251 | /**
|
252 | * Attributes for secure string parameters.
|
253 | */
|
254 | export interface SecureStringParameterAttributes extends CommonStringParameterAttributes {
|
255 | /**
|
256 | * The version number of the value you wish to retrieve.
|
257 | *
|
258 | * @default - AWS CloudFormation uses the latest version of the parameter
|
259 | */
|
260 | readonly version?: number;
|
261 | /**
|
262 | * The encryption key that is used to encrypt this parameter
|
263 | *
|
264 | * @default - default master key
|
265 | */
|
266 | readonly encryptionKey?: kms.IKey;
|
267 | }
|
268 | /**
|
269 | * Creates a new String SSM Parameter.
|
270 | * @resource AWS::SSM::Parameter
|
271 | */
|
272 | export declare class StringParameter extends ParameterBase implements IStringParameter {
|
273 | /**
|
274 | * Imports an external string parameter by name.
|
275 | */
|
276 | static fromStringParameterName(scope: Construct, id: string, stringParameterName: string): IStringParameter;
|
277 | /**
|
278 | * Imports an external string parameter with name and optional version.
|
279 | */
|
280 | static fromStringParameterAttributes(scope: Construct, id: string, attrs: StringParameterAttributes): IStringParameter;
|
281 | /**
|
282 | * Imports a secure string parameter from the SSM parameter store.
|
283 | */
|
284 | static fromSecureStringParameterAttributes(scope: Construct, id: string, attrs: SecureStringParameterAttributes): IStringParameter;
|
285 | /**
|
286 | * Reads the value of an SSM parameter during synthesis through an
|
287 | * environmental context provider.
|
288 | *
|
289 | * Requires that the stack this scope is defined in will have explicit
|
290 | * account/region information. Otherwise, it will fail during synthesis.
|
291 | */
|
292 | static valueFromLookup(scope: CompatConstruct, parameterName: string): string;
|
293 | /**
|
294 | * Returns a token that will resolve (during deployment) to the string value of an SSM string parameter.
|
295 | * @param scope Some scope within a stack
|
296 | * @param parameterName The name of the SSM parameter.
|
297 | * @param version The parameter version (recommended in order to ensure that the value won't change during deployment)
|
298 | */
|
299 | static valueForStringParameter(scope: Construct, parameterName: string, version?: number): string;
|
300 | /**
|
301 | * Returns a token that will resolve (during deployment) to the string value of an SSM string parameter.
|
302 | * @param scope Some scope within a stack
|
303 | * @param parameterName The name of the SSM parameter.
|
304 | * @param type The type of the SSM parameter.
|
305 | * @param version The parameter version (recommended in order to ensure that the value won't change during deployment)
|
306 | */
|
307 | static valueForTypedStringParameter(scope: Construct, parameterName: string, type?: ParameterType, version?: number): string;
|
308 | /**
|
309 | * Returns a token that will resolve (during deployment)
|
310 | * @param scope Some scope within a stack
|
311 | * @param parameterName The name of the SSM parameter
|
312 | * @param version The parameter version (required for secure strings)
|
313 | * @deprecated Use `SecretValue.ssmSecure()` instead, it will correctly type the imported value as a `SecretValue` and allow importing without version.
|
314 | */
|
315 | static valueForSecureStringParameter(scope: Construct, parameterName: string, version: number): string;
|
316 | readonly parameterArn: string;
|
317 | readonly parameterName: string;
|
318 | readonly parameterType: string;
|
319 | readonly stringValue: string;
|
320 | constructor(scope: Construct, id: string, props: StringParameterProps);
|
321 | }
|
322 | /**
|
323 | * Creates a new StringList SSM Parameter.
|
324 | * @resource AWS::SSM::Parameter
|
325 | */
|
326 | export declare class StringListParameter extends ParameterBase implements IStringListParameter {
|
327 | /**
|
328 | * Imports an external parameter of type string list.
|
329 | * Returns a token and should not be parsed.
|
330 | */
|
331 | static fromStringListParameterName(scope: Construct, id: string, stringListParameterName: string): IStringListParameter;
|
332 | readonly parameterArn: string;
|
333 | readonly parameterName: string;
|
334 | readonly parameterType: string;
|
335 | readonly stringListValue: string[];
|
336 | constructor(scope: Construct, id: string, props: StringListParameterProps);
|
337 | }
|
338 | export {};
|