2017/10/03 - Amazon Simple Systems Manager (SSM) - 7 updated api methods
Changes EC2 Systems Manager support for tagging SSM Documents. Also support for tag-based permissions to restrict access to SSM Documents based on these tags.
{'ResourceType': ['PatchBaseline', 'Document']}
Adds or overwrites one or more tags for the specified resource. Tags are metadata that you can assign to your documents, managed instances, Maintenance Windows, Parameter Store parameters, and patch baselines. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment. Each tag consists of a key and an optional value, both of which you define. For example, you could define a set of tags for your account's managed instances that helps you track each instance's owner and stack level. For example: Key=Owner and Value=DbAdmin, SysAdmin, or Dev. Or Key=Stack and Value=Production, Pre-Production, or Test.
Each resource can have a maximum of 10 tags.
We recommend that you devise a set of tag keys that meets your needs for each resource type. Using a consistent set of tag keys makes it easier for you to manage your resources. You can search and filter the resources based on the tags you add. Tags don't have any semantic meaning to Amazon EC2 and are interpreted strictly as a string of characters.
For more information about tags, see Tagging Your Amazon EC2 Resources in the Amazon EC2 User Guide .
See also: AWS API Documentation
Request Syntax
client.add_tags_to_resource(
ResourceType='Document'|'ManagedInstance'|'MaintenanceWindow'|'Parameter'|'PatchBaseline',
ResourceId='string',
Tags=[
{
'Key': 'string',
'Value': 'string'
},
]
)
string
[REQUIRED]
Specifies the type of resource you are tagging.
string
[REQUIRED]
The resource ID you want to tag.
list
[REQUIRED]
One or more tags. The value parameter is required, but if you don't want the tag to have a value, specify the parameter with no value, and we set the value to an empty string.
(dict) --
Metadata that you assign to your AWS resources. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment. In Systems Manager, you can apply tags to documents, managed instances, Maintenance Windows, Parameter Store parameters, and patch baselines.
Key (string) -- [REQUIRED]
The name of the tag.
Value (string) -- [REQUIRED]
The value of the tag.
dict
Response Syntax
{}
Response Structure
(dict) --
{'DocumentDescription': {'Tags': [{'Key': 'string', 'Value': 'string'}]}}
Creates a Systems Manager document.
After you create a document, you can use CreateAssociation to associate it with one or more running instances.
See also: AWS API Documentation
Request Syntax
client.create_document(
Content='string',
Name='string',
DocumentType='Command'|'Policy'|'Automation'
)
string
[REQUIRED]
A valid JSON string.
string
[REQUIRED]
A name for the Systems Manager document.
string
The type of document to create. Valid document types include: Policy, Automation, and Command.
dict
Response Syntax
{
'DocumentDescription': {
'Sha1': 'string',
'Hash': 'string',
'HashType': 'Sha256'|'Sha1',
'Name': 'string',
'Owner': 'string',
'CreatedDate': datetime(2015, 1, 1),
'Status': 'Creating'|'Active'|'Updating'|'Deleting',
'DocumentVersion': 'string',
'Description': 'string',
'Parameters': [
{
'Name': 'string',
'Type': 'String'|'StringList',
'Description': 'string',
'DefaultValue': 'string'
},
],
'PlatformTypes': [
'Windows'|'Linux',
],
'DocumentType': 'Command'|'Policy'|'Automation',
'SchemaVersion': 'string',
'LatestVersion': 'string',
'DefaultVersion': 'string',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
}
}
Response Structure
(dict) --
DocumentDescription (dict) --
Information about the Systems Manager document.
Sha1 (string) --
The SHA1 hash of the document, which you can use for verification.
Hash (string) --
The Sha256 or Sha1 hash created by the system when the document was created.
Note
Sha1 hashes have been deprecated.
HashType (string) --
Sha256 or Sha1.
Note
Sha1 hashes have been deprecated.
Name (string) --
The name of the Systems Manager document.
Owner (string) --
The AWS user account that created the document.
CreatedDate (datetime) --
The date when the document was created.
Status (string) --
The status of the Systems Manager document.
DocumentVersion (string) --
The document version.
Description (string) --
A description of the document.
Parameters (list) --
A description of the parameters for a document.
(dict) --
Parameters specified in a System Manager document that execute on the server when the command is run.
Name (string) --
The name of the parameter.
Type (string) --
The type of parameter. The type can be either String or StringList.
Description (string) --
A description of what the parameter does, how to use it, the default value, and whether or not the parameter is optional.
DefaultValue (string) --
If specified, the default values for the parameters. Parameters without a default value are required. Parameters with a default value are optional.
PlatformTypes (list) --
The list of OS platforms compatible with this Systems Manager document.
(string) --
DocumentType (string) --
The type of document.
SchemaVersion (string) --
The schema version.
LatestVersion (string) --
The latest version of the document.
DefaultVersion (string) --
The default version.
Tags (list) --
The tags, or metadata, that have been applied to the document.
(dict) --
Metadata that you assign to your AWS resources. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment. In Systems Manager, you can apply tags to documents, managed instances, Maintenance Windows, Parameter Store parameters, and patch baselines.
Key (string) --
The name of the tag.
Value (string) --
The value of the tag.
{'Document': {'Tags': [{'Key': 'string', 'Value': 'string'}]}}
Describes the specified Systems Manager document.
See also: AWS API Documentation
Request Syntax
client.describe_document(
Name='string',
DocumentVersion='string'
)
string
[REQUIRED]
The name of the Systems Manager document.
string
The document version for which you want information. Can be a specific version or the default version.
dict
Response Syntax
{
'Document': {
'Sha1': 'string',
'Hash': 'string',
'HashType': 'Sha256'|'Sha1',
'Name': 'string',
'Owner': 'string',
'CreatedDate': datetime(2015, 1, 1),
'Status': 'Creating'|'Active'|'Updating'|'Deleting',
'DocumentVersion': 'string',
'Description': 'string',
'Parameters': [
{
'Name': 'string',
'Type': 'String'|'StringList',
'Description': 'string',
'DefaultValue': 'string'
},
],
'PlatformTypes': [
'Windows'|'Linux',
],
'DocumentType': 'Command'|'Policy'|'Automation',
'SchemaVersion': 'string',
'LatestVersion': 'string',
'DefaultVersion': 'string',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
}
}
Response Structure
(dict) --
Document (dict) --
Information about the Systems Manager document.
Sha1 (string) --
The SHA1 hash of the document, which you can use for verification.
Hash (string) --
The Sha256 or Sha1 hash created by the system when the document was created.
Note
Sha1 hashes have been deprecated.
HashType (string) --
Sha256 or Sha1.
Note
Sha1 hashes have been deprecated.
Name (string) --
The name of the Systems Manager document.
Owner (string) --
The AWS user account that created the document.
CreatedDate (datetime) --
The date when the document was created.
Status (string) --
The status of the Systems Manager document.
DocumentVersion (string) --
The document version.
Description (string) --
A description of the document.
Parameters (list) --
A description of the parameters for a document.
(dict) --
Parameters specified in a System Manager document that execute on the server when the command is run.
Name (string) --
The name of the parameter.
Type (string) --
The type of parameter. The type can be either String or StringList.
Description (string) --
A description of what the parameter does, how to use it, the default value, and whether or not the parameter is optional.
DefaultValue (string) --
If specified, the default values for the parameters. Parameters without a default value are required. Parameters with a default value are optional.
PlatformTypes (list) --
The list of OS platforms compatible with this Systems Manager document.
(string) --
DocumentType (string) --
The type of document.
SchemaVersion (string) --
The schema version.
LatestVersion (string) --
The latest version of the document.
DefaultVersion (string) --
The default version.
Tags (list) --
The tags, or metadata, that have been applied to the document.
(dict) --
Metadata that you assign to your AWS resources. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment. In Systems Manager, you can apply tags to documents, managed instances, Maintenance Windows, Parameter Store parameters, and patch baselines.
Key (string) --
The name of the tag.
Value (string) --
The value of the tag.
{'Filters': [{'Key': 'string', 'Values': ['string']}]}
Response {'DocumentIdentifiers': {'Tags': [{'Key': 'string', 'Value': 'string'}]}}
Describes one or more of your Systems Manager documents.
See also: AWS API Documentation
Request Syntax
client.list_documents(
DocumentFilterList=[
{
'key': 'Name'|'Owner'|'PlatformTypes'|'DocumentType',
'value': 'string'
},
],
Filters=[
{
'Key': 'string',
'Values': [
'string',
]
},
],
MaxResults=123,
NextToken='string'
)
list
One or more filters. Use a filter to return a more specific list of results.
(dict) --
Describes a filter.
key (string) -- [REQUIRED]
The name of the filter.
value (string) -- [REQUIRED]
The value of the filter.
list
One or more filters. Use a filter to return a more specific list of results.
(dict) --
One or more filters. Use a filter to return a more specific list of documents.
For keys, you can specify one or more tags that have been applied to a document.
Other valid values include Owner, Name, PlatformTypes, and DocumentType.
Note that only one Owner can be specified in a request. For example: Key=Owner,Values=Self .
If you use Name as a key, you can use a name prefix to return a list of documents. For example, in the AWS CLI, to return a list of all documents that begin with Te , run the following command:
aws ssm list-documents --filters Key=Name,Values=Te
If you specify more than two keys, only documents that are identified by all the tags are returned in the results. If you specify more than two values for a key, documents that are identified by any of the values are returned in the results.
To specify a custom key and value pair, use the format Key=tag:[tagName],Values=[valueName] .
For example, if you created a Key called region and are using the AWS CLI to call the list-documents command:
aws ssm list-documents --filters Key=tag:region,Values=east,west Key=Owner,Values=Self
Key (string) --
The name of the filter key.
Values (list) --
The value for the filter key.
(string) --
integer
The maximum number of items to return for this call. The call also returns a token that you can specify in a subsequent call to get the next set of results.
string
The token for the next set of items to return. (You received this token from a previous call.)
dict
Response Syntax
{
'DocumentIdentifiers': [
{
'Name': 'string',
'Owner': 'string',
'PlatformTypes': [
'Windows'|'Linux',
],
'DocumentVersion': 'string',
'DocumentType': 'Command'|'Policy'|'Automation',
'SchemaVersion': 'string',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
DocumentIdentifiers (list) --
The names of the Systems Manager documents.
(dict) --
Describes the name of a Systems Manager document.
Name (string) --
The name of the Systems Manager document.
Owner (string) --
The AWS user account that created the document.
PlatformTypes (list) --
The operating system platform.
(string) --
DocumentVersion (string) --
The document version.
DocumentType (string) --
The document type.
SchemaVersion (string) --
The schema version.
Tags (list) --
The tags, or metadata, that have been applied to the document.
(dict) --
Metadata that you assign to your AWS resources. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment. In Systems Manager, you can apply tags to documents, managed instances, Maintenance Windows, Parameter Store parameters, and patch baselines.
Key (string) --
The name of the tag.
Value (string) --
The value of the tag.
NextToken (string) --
The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.
{'ResourceType': ['PatchBaseline', 'Document']}
Returns a list of the tags assigned to the specified resource.
See also: AWS API Documentation
Request Syntax
client.list_tags_for_resource(
ResourceType='Document'|'ManagedInstance'|'MaintenanceWindow'|'Parameter'|'PatchBaseline',
ResourceId='string'
)
string
[REQUIRED]
Returns a list of tags for a specific resource type.
string
[REQUIRED]
The resource ID for which you want to see a list of tags.
dict
Response Syntax
{
'TagList': [
{
'Key': 'string',
'Value': 'string'
},
]
}
Response Structure
(dict) --
TagList (list) --
A list of tags.
(dict) --
Metadata that you assign to your AWS resources. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment. In Systems Manager, you can apply tags to documents, managed instances, Maintenance Windows, Parameter Store parameters, and patch baselines.
Key (string) --
The name of the tag.
Value (string) --
The value of the tag.
{'ResourceType': ['PatchBaseline', 'Document']}
Removes all tags from the specified resource.
See also: AWS API Documentation
Request Syntax
client.remove_tags_from_resource(
ResourceType='Document'|'ManagedInstance'|'MaintenanceWindow'|'Parameter'|'PatchBaseline',
ResourceId='string',
TagKeys=[
'string',
]
)
string
[REQUIRED]
The type of resource of which you want to remove a tag.
string
[REQUIRED]
The resource ID for which you want to remove tags.
list
[REQUIRED]
Tag keys that you want to remove from the specified resource.
(string) --
dict
Response Syntax
{}
Response Structure
(dict) --
{'DocumentDescription': {'Tags': [{'Key': 'string', 'Value': 'string'}]}}
The document you want to update.
See also: AWS API Documentation
Request Syntax
client.update_document(
Content='string',
Name='string',
DocumentVersion='string'
)
string
[REQUIRED]
The content in a document that you want to update.
string
[REQUIRED]
The name of the document that you want to update.
string
The version of the document that you want to update.
dict
Response Syntax
{
'DocumentDescription': {
'Sha1': 'string',
'Hash': 'string',
'HashType': 'Sha256'|'Sha1',
'Name': 'string',
'Owner': 'string',
'CreatedDate': datetime(2015, 1, 1),
'Status': 'Creating'|'Active'|'Updating'|'Deleting',
'DocumentVersion': 'string',
'Description': 'string',
'Parameters': [
{
'Name': 'string',
'Type': 'String'|'StringList',
'Description': 'string',
'DefaultValue': 'string'
},
],
'PlatformTypes': [
'Windows'|'Linux',
],
'DocumentType': 'Command'|'Policy'|'Automation',
'SchemaVersion': 'string',
'LatestVersion': 'string',
'DefaultVersion': 'string',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
}
}
Response Structure
(dict) --
DocumentDescription (dict) --
A description of the document that was updated.
Sha1 (string) --
The SHA1 hash of the document, which you can use for verification.
Hash (string) --
The Sha256 or Sha1 hash created by the system when the document was created.
Note
Sha1 hashes have been deprecated.
HashType (string) --
Sha256 or Sha1.
Note
Sha1 hashes have been deprecated.
Name (string) --
The name of the Systems Manager document.
Owner (string) --
The AWS user account that created the document.
CreatedDate (datetime) --
The date when the document was created.
Status (string) --
The status of the Systems Manager document.
DocumentVersion (string) --
The document version.
Description (string) --
A description of the document.
Parameters (list) --
A description of the parameters for a document.
(dict) --
Parameters specified in a System Manager document that execute on the server when the command is run.
Name (string) --
The name of the parameter.
Type (string) --
The type of parameter. The type can be either String or StringList.
Description (string) --
A description of what the parameter does, how to use it, the default value, and whether or not the parameter is optional.
DefaultValue (string) --
If specified, the default values for the parameters. Parameters without a default value are required. Parameters with a default value are optional.
PlatformTypes (list) --
The list of OS platforms compatible with this Systems Manager document.
(string) --
DocumentType (string) --
The type of document.
SchemaVersion (string) --
The schema version.
LatestVersion (string) --
The latest version of the document.
DefaultVersion (string) --
The default version.
Tags (list) --
The tags, or metadata, that have been applied to the document.
(dict) --
Metadata that you assign to your AWS resources. Tags enable you to categorize your resources in different ways, for example, by purpose, owner, or environment. In Systems Manager, you can apply tags to documents, managed instances, Maintenance Windows, Parameter Store parameters, and patch baselines.
Key (string) --
The name of the tag.
Value (string) --
The value of the tag.