Security Modules 0.74.5Last updated in version 0.72.1
View Source
Release Notes
SSM Healthchecks IAM Permissions
This modules adds the necessary IAM policies to an IAM role so that the AWS Systems Manager agent gets necessary permissions in order to do automated health checks.
Motivation
From: https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-agent.html
SSM Agent is installed, by default, on the following Amazon EC2 Amazon Machine Images (AMIs):
- Windows Server (all SKUs)
- Amazon Linux 2
- Ubuntu Server 18.04
- Ubuntu Server 20.04
We recommend using this module with just about every single EC2 Instance and Auto Scaling Group you launch, or you'll end up with confusing SSM errors in your logs (syslog
).
Sample Usage
- Terraform
- Terragrunt
main.tf
# ------------------------------------------------------------------------------------------------------
# DEPLOY GRUNTWORK'S SSM-HEALTHCHECKS-IAM-PERMISSIONS MODULE
# ------------------------------------------------------------------------------------------------------
module "ssm_healthchecks_iam_permissions" {
source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/ssm-healthchecks-iam-permissions?ref=v0.74.5"
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
# ----------------------------------------------------------------------------------------------------
# The Id of the IAM role to which we should add SSM healthcheck permissions
iam_role_id = <string>
}
terragrunt.hcl
# ------------------------------------------------------------------------------------------------------
# DEPLOY GRUNTWORK'S SSM-HEALTHCHECKS-IAM-PERMISSIONS MODULE
# ------------------------------------------------------------------------------------------------------
terraform {
source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/ssm-healthchecks-iam-permissions?ref=v0.74.5"
}
inputs = {
# ----------------------------------------------------------------------------------------------------
# REQUIRED VARIABLES
# ----------------------------------------------------------------------------------------------------
# The Id of the IAM role to which we should add SSM healthcheck permissions
iam_role_id = <string>
}