Skip to main content
Security Modules 0.72.0Last updated in version 0.69.2

SSM Healthchecks IAM Permissions

View SourceRelease Notes

This modules adds the necessary IAM policies to an IAM role so that the AWS Systems Manager agent gets necessary permissions in order to do automated health checks.

Motivation

From: https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-agent.html

SSM Agent is installed, by default, on the following Amazon EC2 Amazon Machine Images (AMIs):

  • Windows Server (all SKUs)
  • Amazon Linux
  • Amazon Linux 2
  • Ubuntu Server 18.04
  • Ubuntu Server 20.04

We recommend using this module with just about every single EC2 Instance and Auto Scaling Group you launch, or you'll end up with confusing SSM errors in your logs (syslog).

Sample Usage

main.tf

# ------------------------------------------------------------------------------------------------------
# DEPLOY GRUNTWORK'S SSM-HEALTHCHECKS-IAM-PERMISSIONS MODULE
# ------------------------------------------------------------------------------------------------------

module "ssm_healthchecks_iam_permissions" {

  source = "git::git@github.com:gruntwork-io/terraform-aws-security.git//modules/ssm-healthchecks-iam-permissions?ref=v0.72.0"

  # ----------------------------------------------------------------------------------------------------
  # REQUIRED VARIABLES
  # ----------------------------------------------------------------------------------------------------

  # The Id of the IAM role to which we should add SSM healthcheck permissions
  iam_role_id = <string>

}