module "ssm_resources" {
source = "./"
kms_key = {
name = "ssm-cmk-key"
description = "CMK for cloudwath logs and session"
deletion_window_in_days = 7
}
cloudwatch_log_group_name = "/ssm/session-logs"
enable_log_to_cloudwatch = true
}| Name | Version |
|---|---|
| terraform | ~> 0.12.24 |
| aws | ~> 2.60 |
| Name | Version |
|---|---|
| aws | ~> 2.60 |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| cloudwatch_log_group_name | Name of the CloudWatch Log Group for storing SSM Session Logs | string |
"/ssm/session-logs" |
no |
| cloudwatch_logs_retention | Number of days to retain Session Logs in CloudWatch | number |
30 |
no |
| create_ssm_document | Do you want to create SSM Document | bool |
true |
no |
| default_user | operating system user name for starting sessions | string |
"ec2-user" |
no |
| enable_log_to_cloudwatch | Enable Session Manager to Log to CloudWatch Logs | bool |
true |
no |
| kms_key | KMS Key Details | map(string) |
{ |
no |
| role_name | Name of the Role | string |
"" |
no |
| run_as_enabled | Do you want to use Specify Operating System user for sessions | bool |
true |
no |
| tags | A map of tags to add to all resources | map(string) |
{} |
no |
| Name | Description |
|---|---|
| ssm_cloudwatch_log_group_arn | The Amazon Resource Name (ARN) specifying the log group for SSM |
| ssm_kms_key_arn | KMS key used for SSM |
| ssm_role_arn | n/a |