2021/10/01 - Amazon Simple Systems Manager (SSM) - 1 updated api methods
Changes When "AutoApprovable" is true for a Change Template, then specifying --auto-approve (boolean) in Start-Change-Request-Execution will create a change request that bypasses approver review. (except for change calendar restrictions)
{'AutoApprove': 'boolean'}
Creates a change request for Change Manager. The Automation runbooks specified in the change request run only after all required approvals for the change request have been received.
See also: AWS API Documentation
Request Syntax
client.start_change_request_execution( ScheduledTime=datetime(2015, 1, 1), DocumentName='string', DocumentVersion='string', Parameters={ 'string': [ 'string', ] }, ChangeRequestName='string', ClientToken='string', AutoApprove=True|False, Runbooks=[ { 'DocumentName': 'string', 'DocumentVersion': 'string', 'Parameters': { 'string': [ 'string', ] }, 'TargetParameterName': 'string', 'Targets': [ { 'Key': 'string', 'Values': [ 'string', ] }, ], 'MaxConcurrency': 'string', 'MaxErrors': 'string', 'TargetLocations': [ { 'Accounts': [ 'string', ], 'Regions': [ 'string', ], 'TargetLocationMaxConcurrency': 'string', 'TargetLocationMaxErrors': 'string', 'ExecutionRoleName': 'string' }, ] }, ], Tags=[ { 'Key': 'string', 'Value': 'string' }, ], ScheduledEndTime=datetime(2015, 1, 1), ChangeDetails='string' )
datetime
The date and time specified in the change request to run the Automation runbooks.
Note
The Automation runbooks specified for the runbook workflow can't run until all required approvals for the change request have been received.
string
[REQUIRED]
The name of the change template document to run during the runbook workflow.
string
The version of the change template document to run during the runbook workflow.
dict
A key-value map of parameters that match the declared parameters in the change template document.
(string) --
(list) --
(string) --
string
The name of the change request associated with the runbook workflow to be run.
string
The user-provided idempotency token. The token must be unique, is case insensitive, enforces the UUID format, and can't be reused.
boolean
Indicates whether the change request can be approved automatically without the need for manual approvals.
If AutoApprovable is enabled in a change template, then setting AutoApprove to true in StartChangeRequestExecution creates a change request that bypasses approver review.
Note
Change Calendar restrictions are not bypassed in this scenario. If the state of an associated calendar is CLOSED , change freeze approvers must still grant permission for this change request to run. If they don't, the change won't be processed until the calendar state is again OPEN .
list
[REQUIRED]
Information about the Automation runbooks that are run during the runbook workflow.
Note
The Automation runbooks specified for the runbook workflow can't run until all required approvals for the change request have been received.
(dict) --
Information about an Automation runbook used in a runbook workflow in Change Manager.
Note
The Automation runbooks specified for the runbook workflow can't run until all required approvals for the change request have been received.
DocumentName (string) -- [REQUIRED]
The name of the Automation runbook used in a runbook workflow.
DocumentVersion (string) --
The version of the Automation runbook used in a runbook workflow.
Parameters (dict) --
The key-value map of execution parameters, which were supplied when calling StartChangeRequestExecution .
(string) --
(list) --
(string) --
TargetParameterName (string) --
The name of the parameter used as the target resource for the rate-controlled runbook workflow. Required if you specify Targets .
Targets (list) --
A key-value mapping to target resources that the runbook operation performs tasks on. Required if you specify TargetParameterName .
(dict) --
An array of search criteria that targets instances using a key-value pair that you specify.
Note
One or more targets must be specified for maintenance window Run Command-type tasks. Depending on the task, targets are optional for other maintenance window task types (Automation, Lambda, and Step Functions). For more information about running tasks that don't specify targets, see Registering maintenance window tasks without targets in the Amazon Web Services Systems Manager User Guide .
Supported formats include the following.
``Key=InstanceIds,Values=*instance-id-1* ,*instance-id-2* ,*instance-id-3* ``
``Key=tag:my-tag-key ,Values=*my-tag-value-1* ,*my-tag-value-2* ``
``Key=tag-key,Values=*my-tag-key-1* ,*my-tag-key-2* ``
Run Command and Maintenance window targets only : ``Key=resource-groups:Name,Values=*resource-group-name* ``
Maintenance window targets only : ``Key=resource-groups:ResourceTypeFilters,Values=*resource-type-1* ,*resource-type-2* ``
Automation targets only : ``Key=ResourceGroup;Values=*resource-group-name* ``
For example:
Key=InstanceIds,Values=i-02573cafcfEXAMPLE,i-0471e04240EXAMPLE,i-07782c72faEXAMPLE
Key=tag:CostCenter,Values=CostCenter1,CostCenter2,CostCenter3
Key=tag-key,Values=Name,Instance-Type,CostCenter
Run Command and Maintenance window targets only : Key=resource-groups:Name,Values=ProductionResourceGroup This example demonstrates how to target all resources in the resource group ProductionResourceGroup in your maintenance window.
Maintenance window targets only : ``Key=resource-groups:ResourceTypeFilters,Values=*AWS::EC2::INSTANCE* ,*AWS::EC2::VPC* `` This example demonstrates how to target only Amazon Elastic Compute Cloud (Amazon EC2) instances and VPCs in your maintenance window.
Automation targets only : Key=ResourceGroup,Values=MyResourceGroup
State Manager association targets only : Key=InstanceIds,Values=* This example demonstrates how to target all managed instances in the Amazon Web Services Region where the association was created.
For more information about how to send commands that target instances using Key,Value parameters, see Targeting multiple instances in the Amazon Web Services Systems Manager User Guide .
Key (string) --
User-defined criteria for sending commands that target instances that meet the criteria.
Values (list) --
User-defined criteria that maps to Key . For example, if you specified tag:ServerRole , you could specify value:WebServer to run a command on instances that include EC2 tags of ServerRole,WebServer .
Depending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.
(string) --
MaxConcurrency (string) --
The MaxConcurrency value specified by the user when the operation started, indicating the maximum number of resources that the runbook operation can run on at the same time.
MaxErrors (string) --
The MaxErrors value specified by the user when the execution started, indicating the maximum number of errors that can occur during the operation before the updates are stopped or rolled back.
TargetLocations (list) --
Information about the Amazon Web Services Regions and Amazon Web Services accounts targeted by the current Runbook operation.
(dict) --
The combination of Amazon Web Services Regions and Amazon Web Services accounts targeted by the current Automation execution.
Accounts (list) --
The Amazon Web Services accounts targeted by the current Automation execution.
(string) --
Regions (list) --
The Amazon Web Services Regions targeted by the current Automation execution.
(string) --
TargetLocationMaxConcurrency (string) --
The maximum number of Amazon Web Services Regions and Amazon Web Services accounts allowed to run the Automation concurrently.
TargetLocationMaxErrors (string) --
The maximum number of errors allowed before the system stops queueing additional Automation executions for the currently running Automation.
ExecutionRoleName (string) --
The Automation execution role used by the currently running Automation. If not specified, the default value is AWS-SystemsManager-AutomationExecutionRole .
list
Optional metadata that you assign to a resource. You can specify a maximum of five tags for a change request. Tags enable you to categorize a resource in different ways, such as by purpose, owner, or environment. For example, you might want to tag a change request to identify an environment or target Amazon Web Services Region. In this case, you could specify the following key-value pairs:
Key=Environment,Value=Production
Key=Region,Value=us-east-2
(dict) --
Metadata that you assign to your Amazon Web Services resources. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment. In Amazon Web Services Systems Manager, you can apply tags to Systems Manager documents (SSM documents), managed instances, maintenance windows, parameters, patch baselines, OpsItems, and OpsMetadata.
Key (string) -- [REQUIRED]
The name of the tag.
Value (string) -- [REQUIRED]
The value of the tag.
datetime
The time that the requester expects the runbook workflow related to the change request to complete. The time is an estimate only that the requester provides for reviewers.
string
User-provided details about the change. If no details are provided, content specified in the Template information section of the associated change template is added.
dict
Response Syntax
{ 'AutomationExecutionId': 'string' }
Response Structure
(dict) --
AutomationExecutionId (string) --
The unique ID of a runbook workflow operation. (A runbook workflow is a type of Automation operation.)