AWS Cloud Control v1.26.0, Mar 12 25

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.26.0 published on Wednesday, Mar 12, 2025 by Pulumi

aws-native.ssm.Association

Explore with Pulumi AI

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.26.0 published on Wednesday, Mar 12, 2025 by Pulumi

pulumi/pulumi-aws-native

Example

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;

return await Deployment.RunAsync(() => 
{
    var specificInstanceIdAssociation = new AwsNative.Ssm.Association("specificInstanceIdAssociation", new()
    {
        Name = "AWS-RunShellScript",
        Targets = new[]
        {
            new AwsNative.Ssm.Inputs.AssociationTargetArgs
            {
                Key = "InstanceIds",
                Values = new[]
                {
                    "i-1234567890abcdef0",
                },
            },
        },
        Parameters = 
        {
            { "commands", new[]
            {
                "ls",
            } },
            { "workingDirectory", new[]
            {
                "/",
            } },
        },
    });

});

package main

import (
	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ssm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ssm.NewAssociation(ctx, "specificInstanceIdAssociation", &ssm.AssociationArgs{
			Name: pulumi.String("AWS-RunShellScript"),
			Targets: ssm.AssociationTargetArray{
				&ssm.AssociationTargetArgs{
					Key: pulumi.String("InstanceIds"),
					Values: pulumi.StringArray{
						pulumi.String("i-1234567890abcdef0"),
					},
				},
			},
			Parameters: pulumi.StringArrayMap{
				"commands": pulumi.StringArray{
					pulumi.String("ls"),
				},
				"workingDirectory": pulumi.StringArray{
					pulumi.String("/"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

Coming soon!

import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";

const specificInstanceIdAssociation = new aws_native.ssm.Association("specificInstanceIdAssociation", {
    name: "AWS-RunShellScript",
    targets: [{
        key: "InstanceIds",
        values: ["i-1234567890abcdef0"],
    }],
    parameters: {
        commands: ["ls"],
        workingDirectory: ["/"],
    },
});

import pulumi
import pulumi_aws_native as aws_native

specific_instance_id_association = aws_native.ssm.Association("specificInstanceIdAssociation",
    name="AWS-RunShellScript",
    targets=[{
        "key": "InstanceIds",
        "values": ["i-1234567890abcdef0"],
    }],
    parameters={
        "commands": ["ls"],
        "workingDirectory": ["/"],
    })

Coming soon!

Example

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;

return await Deployment.RunAsync(() => 
{
    var specificInstanceIdAssociation = new AwsNative.Ssm.Association("specificInstanceIdAssociation", new()
    {
        Name = "AWS-RunShellScript",
        Targets = new[]
        {
            new AwsNative.Ssm.Inputs.AssociationTargetArgs
            {
                Key = "InstanceIds",
                Values = new[]
                {
                    "i-1234567890abcdef0",
                },
            },
        },
        Parameters = 
        {
            { "commands", new[]
            {
                "ls",
            } },
            { "workingDirectory", new[]
            {
                "/",
            } },
        },
    });

});

package main

import (
	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ssm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ssm.NewAssociation(ctx, "specificInstanceIdAssociation", &ssm.AssociationArgs{
			Name: pulumi.String("AWS-RunShellScript"),
			Targets: ssm.AssociationTargetArray{
				&ssm.AssociationTargetArgs{
					Key: pulumi.String("InstanceIds"),
					Values: pulumi.StringArray{
						pulumi.String("i-1234567890abcdef0"),
					},
				},
			},
			Parameters: pulumi.StringArrayMap{
				"commands": pulumi.StringArray{
					pulumi.String("ls"),
				},
				"workingDirectory": pulumi.StringArray{
					pulumi.String("/"),
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

Coming soon!

import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";

const specificInstanceIdAssociation = new aws_native.ssm.Association("specificInstanceIdAssociation", {
    name: "AWS-RunShellScript",
    targets: [{
        key: "InstanceIds",
        values: ["i-1234567890abcdef0"],
    }],
    parameters: {
        commands: ["ls"],
        workingDirectory: ["/"],
    },
});

import pulumi
import pulumi_aws_native as aws_native

specific_instance_id_association = aws_native.ssm.Association("specificInstanceIdAssociation",
    name="AWS-RunShellScript",
    targets=[{
        "key": "InstanceIds",
        "values": ["i-1234567890abcdef0"],
    }],
    parameters={
        "commands": ["ls"],
        "workingDirectory": ["/"],
    })

Coming soon!

Example

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;

return await Deployment.RunAsync(() => 
{
    var allInstanceIdsAssociation = new AwsNative.Ssm.Association("allInstanceIdsAssociation", new()
    {
        AssociationName = "UpdateSSMAgent",
        Name = "AWS-UpdateSSMAgent",
        ScheduleExpression = "cron(0 2 ? * SUN *)",
        Targets = new[]
        {
            new AwsNative.Ssm.Inputs.AssociationTargetArgs
            {
                Key = "InstanceIds",
                Values = new[]
                {
                    "*",
                },
            },
        },
    });

});

package main

import (
	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ssm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ssm.NewAssociation(ctx, "allInstanceIdsAssociation", &ssm.AssociationArgs{
			AssociationName:    pulumi.String("UpdateSSMAgent"),
			Name:               pulumi.String("AWS-UpdateSSMAgent"),
			ScheduleExpression: pulumi.String("cron(0 2 ? * SUN *)"),
			Targets: ssm.AssociationTargetArray{
				&ssm.AssociationTargetArgs{
					Key: pulumi.String("InstanceIds"),
					Values: pulumi.StringArray{
						pulumi.String("*"),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

Coming soon!

import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";

const allInstanceIdsAssociation = new aws_native.ssm.Association("allInstanceIdsAssociation", {
    associationName: "UpdateSSMAgent",
    name: "AWS-UpdateSSMAgent",
    scheduleExpression: "cron(0 2 ? * SUN *)",
    targets: [{
        key: "InstanceIds",
        values: ["*"],
    }],
});

import pulumi
import pulumi_aws_native as aws_native

all_instance_ids_association = aws_native.ssm.Association("allInstanceIdsAssociation",
    association_name="UpdateSSMAgent",
    name="AWS-UpdateSSMAgent",
    schedule_expression="cron(0 2 ? * SUN *)",
    targets=[{
        "key": "InstanceIds",
        "values": ["*"],
    }])

Coming soon!

Example

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;

return await Deployment.RunAsync(() => 
{
    var allInstanceIdsAssociation = new AwsNative.Ssm.Association("allInstanceIdsAssociation", new()
    {
        AssociationName = "UpdateSSMAgent",
        Name = "AWS-UpdateSSMAgent",
        ScheduleExpression = "cron(0 2 ? * SUN *)",
        Targets = new[]
        {
            new AwsNative.Ssm.Inputs.AssociationTargetArgs
            {
                Key = "InstanceIds",
                Values = new[]
                {
                    "*",
                },
            },
        },
    });

});

package main

import (
	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ssm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ssm.NewAssociation(ctx, "allInstanceIdsAssociation", &ssm.AssociationArgs{
			AssociationName:    pulumi.String("UpdateSSMAgent"),
			Name:               pulumi.String("AWS-UpdateSSMAgent"),
			ScheduleExpression: pulumi.String("cron(0 2 ? * SUN *)"),
			Targets: ssm.AssociationTargetArray{
				&ssm.AssociationTargetArgs{
					Key: pulumi.String("InstanceIds"),
					Values: pulumi.StringArray{
						pulumi.String("*"),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

Coming soon!

import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";

const allInstanceIdsAssociation = new aws_native.ssm.Association("allInstanceIdsAssociation", {
    associationName: "UpdateSSMAgent",
    name: "AWS-UpdateSSMAgent",
    scheduleExpression: "cron(0 2 ? * SUN *)",
    targets: [{
        key: "InstanceIds",
        values: ["*"],
    }],
});

import pulumi
import pulumi_aws_native as aws_native

all_instance_ids_association = aws_native.ssm.Association("allInstanceIdsAssociation",
    association_name="UpdateSSMAgent",
    name="AWS-UpdateSSMAgent",
    schedule_expression="cron(0 2 ? * SUN *)",
    targets=[{
        "key": "InstanceIds",
        "values": ["*"],
    }])

Coming soon!

Example

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;

return await Deployment.RunAsync(() => 
{
    var taggedInstancesAssociation = new AwsNative.Ssm.Association("taggedInstancesAssociation", new()
    {
        AssociationName = "UpdateSSMAgent",
        Name = "AWS-UpdateSSMAgent",
        ScheduleExpression = "rate(7 days)",
        Targets = new[]
        {
            new AwsNative.Ssm.Inputs.AssociationTargetArgs
            {
                Key = "tag:Environment",
                Values = new[]
                {
                    "Production",
                },
            },
        },
    });

});

package main

import (
	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ssm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ssm.NewAssociation(ctx, "taggedInstancesAssociation", &ssm.AssociationArgs{
			AssociationName:    pulumi.String("UpdateSSMAgent"),
			Name:               pulumi.String("AWS-UpdateSSMAgent"),
			ScheduleExpression: pulumi.String("rate(7 days)"),
			Targets: ssm.AssociationTargetArray{
				&ssm.AssociationTargetArgs{
					Key: pulumi.String("tag:Environment"),
					Values: pulumi.StringArray{
						pulumi.String("Production"),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

Coming soon!

import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";

const taggedInstancesAssociation = new aws_native.ssm.Association("taggedInstancesAssociation", {
    associationName: "UpdateSSMAgent",
    name: "AWS-UpdateSSMAgent",
    scheduleExpression: "rate(7 days)",
    targets: [{
        key: "tag:Environment",
        values: ["Production"],
    }],
});

import pulumi
import pulumi_aws_native as aws_native

tagged_instances_association = aws_native.ssm.Association("taggedInstancesAssociation",
    association_name="UpdateSSMAgent",
    name="AWS-UpdateSSMAgent",
    schedule_expression="rate(7 days)",
    targets=[{
        "key": "tag:Environment",
        "values": ["Production"],
    }])

Coming soon!

Example

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AwsNative = Pulumi.AwsNative;

return await Deployment.RunAsync(() => 
{
    var taggedInstancesAssociation = new AwsNative.Ssm.Association("taggedInstancesAssociation", new()
    {
        AssociationName = "UpdateSSMAgent",
        Name = "AWS-UpdateSSMAgent",
        ScheduleExpression = "rate(7 days)",
        Targets = new[]
        {
            new AwsNative.Ssm.Inputs.AssociationTargetArgs
            {
                Key = "tag:Environment",
                Values = new[]
                {
                    "Production",
                },
            },
        },
    });

});

package main

import (
	"github.com/pulumi/pulumi-aws-native/sdk/go/aws/ssm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ssm.NewAssociation(ctx, "taggedInstancesAssociation", &ssm.AssociationArgs{
			AssociationName:    pulumi.String("UpdateSSMAgent"),
			Name:               pulumi.String("AWS-UpdateSSMAgent"),
			ScheduleExpression: pulumi.String("rate(7 days)"),
			Targets: ssm.AssociationTargetArray{
				&ssm.AssociationTargetArgs{
					Key: pulumi.String("tag:Environment"),
					Values: pulumi.StringArray{
						pulumi.String("Production"),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

Coming soon!

import * as pulumi from "@pulumi/pulumi";
import * as aws_native from "@pulumi/aws-native";

const taggedInstancesAssociation = new aws_native.ssm.Association("taggedInstancesAssociation", {
    associationName: "UpdateSSMAgent",
    name: "AWS-UpdateSSMAgent",
    scheduleExpression: "rate(7 days)",
    targets: [{
        key: "tag:Environment",
        values: ["Production"],
    }],
});

import pulumi
import pulumi_aws_native as aws_native

tagged_instances_association = aws_native.ssm.Association("taggedInstancesAssociation",
    association_name="UpdateSSMAgent",
    name="AWS-UpdateSSMAgent",
    schedule_expression="rate(7 days)",
    targets=[{
        "key": "tag:Environment",
        "values": ["Production"],
    }])

Coming soon!

Create Association Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

TypeScript
Python
Go
C#
Java
YAML

new Association(name: string, args?: AssociationArgs, opts?: CustomResourceOptions);

@overload
def Association(resource_name: str,
                args: Optional[AssociationArgs] = None,
                opts: Optional[ResourceOptions] = None)

@overload
def Association(resource_name: str,
                opts: Optional[ResourceOptions] = None,
                apply_only_at_cron_interval: Optional[bool] = None,
                association_name: Optional[str] = None,
                automation_target_parameter_name: Optional[str] = None,
                calendar_names: Optional[Sequence[str]] = None,
                compliance_severity: Optional[AssociationComplianceSeverity] = None,
                document_version: Optional[str] = None,
                instance_id: Optional[str] = None,
                max_concurrency: Optional[str] = None,
                max_errors: Optional[str] = None,
                name: Optional[str] = None,
                output_location: Optional[AssociationInstanceAssociationOutputLocationArgs] = None,
                parameters: Optional[Mapping[str, Sequence[str]]] = None,
                schedule_expression: Optional[str] = None,
                schedule_offset: Optional[int] = None,
                sync_compliance: Optional[AssociationSyncCompliance] = None,
                targets: Optional[Sequence[AssociationTargetArgs]] = None,
                wait_for_success_timeout_seconds: Optional[int] = None)

func NewAssociation(ctx *Context, name string, args *AssociationArgs, opts ...ResourceOption) (*Association, error)

public Association(string name, AssociationArgs? args = null, CustomResourceOptions? opts = null)

public Association(String name, AssociationArgs args)
public Association(String name, AssociationArgs args, CustomResourceOptions options)

type: aws-native:ssm:Association
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args AssociationArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args AssociationArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args AssociationArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args AssociationArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args AssociationArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Association Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Association resource accepts the following input properties:

ApplyOnlyAtCronInterval bool

By default, when you create a new association, the system runs it immediately after it is created and then according to the schedule you specified. Specify this option if you don't want an association to run immediately after you create it. This parameter is not supported for rate expressions.

AssociationName string

The name of the association.

AutomationTargetParameterName string

Choose the parameter that will define how your automation will branch out. This target is required for associations that use an Automation runbook and target resources by using rate controls. Automation is a tool in AWS Systems Manager .

CalendarNames List<string>

The names or Amazon Resource Names (ARNs) of the Change Calendar type documents your associations are gated under. The associations only run when that Change Calendar is open. For more information, see AWS Systems Manager Change Calendar in the AWS Systems Manager User Guide .

ComplianceSeverity Pulumi.AwsNative.Ssm.AssociationComplianceSeverity

The severity level that is assigned to the association.

DocumentVersion string

The version of the SSM document to associate with the target.

InstanceId string

The ID of the instance that the SSM document is associated with.

MaxConcurrency string

The maximum number of targets allowed to run the association at the same time. You can specify a number, for example 10, or a percentage of the target set, for example 10%. The default value is 100%, which means all targets run the association at the same time.

If a new managed node starts and attempts to run an association while Systems Manager is running MaxConcurrency associations, the association is allowed to run. During the next association interval, the new managed node will process its association within the limit specified for MaxConcurrency .

MaxErrors string

The number of errors that are allowed before the system stops sending requests to run the association on additional targets. You can specify either an absolute number of errors, for example 10, or a percentage of the target set, for example 10%. If you specify 3, for example, the system stops sending requests when the fourth error is received. If you specify 0, then the system stops sending requests after the first error is returned. If you run an association on 50 managed nodes and set MaxError to 10%, then the system stops sending the request when the sixth error is received.

Executions that are already running an association when MaxErrors is reached are allowed to complete, but some of these executions may fail as well. If you need to ensure that there won't be more than max-errors failed executions, set MaxConcurrency to 1 so that executions proceed one at a time.

Name string

The name of the SSM document.

OutputLocation Pulumi.AwsNative.Ssm.Inputs.AssociationInstanceAssociationOutputLocation

An Amazon Simple Storage Service (Amazon S3) bucket where you want to store the output details of the request.

Parameters Dictionary<string, ImmutableArray<string>>

Parameter values that the SSM document uses at runtime.

ScheduleExpression string

A Cron or Rate expression that specifies when the association is applied to the target.

ScheduleOffset int

Number of days to wait after the scheduled day to run an association.

SyncCompliance Pulumi.AwsNative.Ssm.AssociationSyncCompliance

The mode for generating association compliance. You can specify AUTO or MANUAL . In AUTO mode, the system uses the status of the association execution to determine the compliance status. If the association execution runs successfully, then the association is COMPLIANT . If the association execution doesn't run successfully, the association is NON-COMPLIANT .

In MANUAL mode, you must specify the AssociationId as a parameter for the PutComplianceItems API action. In this case, compliance data is not managed by State Manager. It is managed by your direct call to the PutComplianceItems API action.

By default, all associations use AUTO mode.

Targets List<Pulumi.AwsNative.Ssm.Inputs.AssociationTarget>

The targets that the SSM document sends commands to.

WaitForSuccessTimeoutSeconds int

The number of seconds the service should wait for the association status to show "Success" before proceeding with the stack execution. If the association status doesn't show "Success" after the specified number of seconds, then stack creation fails.

When you specify a value for the WaitForSuccessTimeoutSeconds , drift detection for your AWS CloudFormation stack’s configuration might yield inaccurate results. If drift detection is important in your scenario, we recommend that you don’t include WaitForSuccessTimeoutSeconds in your template.

ApplyOnlyAtCronInterval bool

AssociationName string

The name of the association.

AutomationTargetParameterName string

CalendarNames []string

ComplianceSeverity AssociationComplianceSeverity

The severity level that is assigned to the association.

DocumentVersion string

The version of the SSM document to associate with the target.

InstanceId string

The ID of the instance that the SSM document is associated with.

MaxConcurrency string

MaxErrors string

Name string

The name of the SSM document.

OutputLocation AssociationInstanceAssociationOutputLocationArgs

An Amazon Simple Storage Service (Amazon S3) bucket where you want to store the output details of the request.

Parameters map[string][]string

Parameter values that the SSM document uses at runtime.

ScheduleExpression string

A Cron or Rate expression that specifies when the association is applied to the target.

ScheduleOffset int

Number of days to wait after the scheduled day to run an association.

SyncCompliance AssociationSyncCompliance

By default, all associations use AUTO mode.

Targets []AssociationTargetArgs

The targets that the SSM document sends commands to.

WaitForSuccessTimeoutSeconds int

When you specify a value for the WaitForSuccessTimeoutSeconds , drift detection for your AWS CloudFormation stack’s configuration might yield inaccurate results. If drift detection is important in your scenario, we recommend that you don’t include WaitForSuccessTimeoutSeconds in your template.

applyOnlyAtCronInterval Boolean

associationName String

The name of the association.

automationTargetParameterName String

calendarNames List<String>

complianceSeverity AssociationComplianceSeverity

The severity level that is assigned to the association.

documentVersion String

The version of the SSM document to associate with the target.

instanceId String

The ID of the instance that the SSM document is associated with.

maxConcurrency String

maxErrors String

name String

The name of the SSM document.

outputLocation AssociationInstanceAssociationOutputLocation

An Amazon Simple Storage Service (Amazon S3) bucket where you want to store the output details of the request.

parameters Map<String,List<String>>

Parameter values that the SSM document uses at runtime.

scheduleExpression String

A Cron or Rate expression that specifies when the association is applied to the target.

scheduleOffset Integer

Number of days to wait after the scheduled day to run an association.

syncCompliance AssociationSyncCompliance

By default, all associations use AUTO mode.

targets List<AssociationTarget>

The targets that the SSM document sends commands to.

waitForSuccessTimeoutSeconds Integer

When you specify a value for the WaitForSuccessTimeoutSeconds , drift detection for your AWS CloudFormation stack’s configuration might yield inaccurate results. If drift detection is important in your scenario, we recommend that you don’t include WaitForSuccessTimeoutSeconds in your template.

applyOnlyAtCronInterval boolean

associationName string

The name of the association.

automationTargetParameterName string

calendarNames string[]

complianceSeverity AssociationComplianceSeverity

The severity level that is assigned to the association.

documentVersion string

The version of the SSM document to associate with the target.

instanceId string

The ID of the instance that the SSM document is associated with.

maxConcurrency string

maxErrors string

name string

The name of the SSM document.

outputLocation AssociationInstanceAssociationOutputLocation

An Amazon Simple Storage Service (Amazon S3) bucket where you want to store the output details of the request.

parameters {[key: string]: string[]}

Parameter values that the SSM document uses at runtime.

scheduleExpression string

A Cron or Rate expression that specifies when the association is applied to the target.

scheduleOffset number

Number of days to wait after the scheduled day to run an association.

syncCompliance AssociationSyncCompliance

By default, all associations use AUTO mode.

targets AssociationTarget[]

The targets that the SSM document sends commands to.

waitForSuccessTimeoutSeconds number

When you specify a value for the WaitForSuccessTimeoutSeconds , drift detection for your AWS CloudFormation stack’s configuration might yield inaccurate results. If drift detection is important in your scenario, we recommend that you don’t include WaitForSuccessTimeoutSeconds in your template.

apply_only_at_cron_interval bool

association_name str

The name of the association.

automation_target_parameter_name str

calendar_names Sequence[str]

compliance_severity AssociationComplianceSeverity

The severity level that is assigned to the association.

document_version str

The version of the SSM document to associate with the target.

instance_id str

The ID of the instance that the SSM document is associated with.

max_concurrency str

max_errors str

name str

The name of the SSM document.

output_location AssociationInstanceAssociationOutputLocationArgs

An Amazon Simple Storage Service (Amazon S3) bucket where you want to store the output details of the request.

parameters Mapping[str, Sequence[str]]

Parameter values that the SSM document uses at runtime.

schedule_expression str

A Cron or Rate expression that specifies when the association is applied to the target.

schedule_offset int

Number of days to wait after the scheduled day to run an association.

sync_compliance AssociationSyncCompliance

By default, all associations use AUTO mode.

targets Sequence[AssociationTargetArgs]

The targets that the SSM document sends commands to.

wait_for_success_timeout_seconds int

When you specify a value for the WaitForSuccessTimeoutSeconds , drift detection for your AWS CloudFormation stack’s configuration might yield inaccurate results. If drift detection is important in your scenario, we recommend that you don’t include WaitForSuccessTimeoutSeconds in your template.

applyOnlyAtCronInterval Boolean

associationName String

The name of the association.

automationTargetParameterName String

calendarNames List<String>

complianceSeverity "CRITICAL" | "HIGH" | "MEDIUM" | "LOW" | "UNSPECIFIED"

The severity level that is assigned to the association.

documentVersion String

The version of the SSM document to associate with the target.

instanceId String

The ID of the instance that the SSM document is associated with.

maxConcurrency String

maxErrors String

name String

The name of the SSM document.

outputLocation Property Map

An Amazon Simple Storage Service (Amazon S3) bucket where you want to store the output details of the request.

parameters Map<List<String>>

Parameter values that the SSM document uses at runtime.

scheduleExpression String

A Cron or Rate expression that specifies when the association is applied to the target.

scheduleOffset Number

Number of days to wait after the scheduled day to run an association.

syncCompliance "AUTO" | "MANUAL"

By default, all associations use AUTO mode.

targets List<Property Map>

The targets that the SSM document sends commands to.

waitForSuccessTimeoutSeconds Number

When you specify a value for the WaitForSuccessTimeoutSeconds , drift detection for your AWS CloudFormation stack’s configuration might yield inaccurate results. If drift detection is important in your scenario, we recommend that you don’t include WaitForSuccessTimeoutSeconds in your template.

Outputs

All input properties are implicitly available as output properties. Additionally, the Association resource produces the following output properties:

AssociationId string: Unique identifier of the association.
Id string: The provider-assigned unique ID for this managed resource.

AssociationId string: Unique identifier of the association.
Id string: The provider-assigned unique ID for this managed resource.

associationId String: Unique identifier of the association.
id String: The provider-assigned unique ID for this managed resource.

associationId string: Unique identifier of the association.
id string: The provider-assigned unique ID for this managed resource.

association_id str: Unique identifier of the association.
id str: The provider-assigned unique ID for this managed resource.

associationId String: Unique identifier of the association.
id String: The provider-assigned unique ID for this managed resource.

Supporting Types

AssociationComplianceSeverity
, AssociationComplianceSeverityArgs

Critical: CRITICAL
High: HIGH
Medium: MEDIUM
Low: LOW
Unspecified: UNSPECIFIED

AssociationComplianceSeverityCritical: CRITICAL
AssociationComplianceSeverityHigh: HIGH
AssociationComplianceSeverityMedium: MEDIUM
AssociationComplianceSeverityLow: LOW
AssociationComplianceSeverityUnspecified: UNSPECIFIED

Critical: CRITICAL
High: HIGH
Medium: MEDIUM
Low: LOW
Unspecified: UNSPECIFIED

Critical: CRITICAL
High: HIGH
Medium: MEDIUM
Low: LOW
Unspecified: UNSPECIFIED

CRITICAL: CRITICAL
HIGH: HIGH
MEDIUM: MEDIUM
LOW: LOW
UNSPECIFIED: UNSPECIFIED

"CRITICAL": CRITICAL
"HIGH": HIGH
"MEDIUM": MEDIUM
"LOW": LOW
"UNSPECIFIED": UNSPECIFIED

AssociationInstanceAssociationOutputLocation
, AssociationInstanceAssociationOutputLocationArgs

S3Location Pulumi.AwsNative.Ssm.Inputs.AssociationS3OutputLocation: S3OutputLocation is a property of the InstanceAssociationOutputLocation property that specifies an Amazon S3 bucket where you want to store the results of this request.

S3Location AssociationS3OutputLocation: S3OutputLocation is a property of the InstanceAssociationOutputLocation property that specifies an Amazon S3 bucket where you want to store the results of this request.

s3Location AssociationS3OutputLocation: S3OutputLocation is a property of the InstanceAssociationOutputLocation property that specifies an Amazon S3 bucket where you want to store the results of this request.

s3Location AssociationS3OutputLocation: S3OutputLocation is a property of the InstanceAssociationOutputLocation property that specifies an Amazon S3 bucket where you want to store the results of this request.

s3_location AssociationS3OutputLocation: S3OutputLocation is a property of the InstanceAssociationOutputLocation property that specifies an Amazon S3 bucket where you want to store the results of this request.

s3Location Property Map: S3OutputLocation is a property of the InstanceAssociationOutputLocation property that specifies an Amazon S3 bucket where you want to store the results of this request.

AssociationS3OutputLocation
, AssociationS3OutputLocationArgs

OutputS3BucketName string: The name of the S3 bucket.
OutputS3KeyPrefix string: The S3 bucket subfolder.
OutputS3Region string: The AWS Region of the S3 bucket.

OutputS3BucketName string: The name of the S3 bucket.
OutputS3KeyPrefix string: The S3 bucket subfolder.
OutputS3Region string: The AWS Region of the S3 bucket.

outputS3BucketName String: The name of the S3 bucket.
outputS3KeyPrefix String: The S3 bucket subfolder.
outputS3Region String: The AWS Region of the S3 bucket.

outputS3BucketName string: The name of the S3 bucket.
outputS3KeyPrefix string: The S3 bucket subfolder.
outputS3Region string: The AWS Region of the S3 bucket.

output_s3_bucket_name str: The name of the S3 bucket.
output_s3_key_prefix str: The S3 bucket subfolder.
output_s3_region str: The AWS Region of the S3 bucket.

outputS3BucketName String: The name of the S3 bucket.
outputS3KeyPrefix String: The S3 bucket subfolder.
outputS3Region String: The AWS Region of the S3 bucket.

AssociationSyncCompliance
, AssociationSyncComplianceArgs

Auto: AUTO
Manual: MANUAL

AssociationSyncComplianceAuto: AUTO
AssociationSyncComplianceManual: MANUAL

Auto: AUTO
Manual: MANUAL

Auto: AUTO
Manual: MANUAL

AUTO: AUTO
MANUAL: MANUAL

"AUTO": AUTO
"MANUAL": MANUAL

AssociationTarget
, AssociationTargetArgs

Key string

User-defined criteria for sending commands that target managed nodes that meet the criteria.

Values List<string>

User-defined criteria that maps to Key . For example, if you specified tag:ServerRole , you could specify value:WebServer to run a command on instances that include EC2 tags of ServerRole,WebServer .

Depending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.

Key string

User-defined criteria for sending commands that target managed nodes that meet the criteria.

Values []string

Depending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.

key String

User-defined criteria for sending commands that target managed nodes that meet the criteria.

values List<String>

Depending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.

key string

User-defined criteria for sending commands that target managed nodes that meet the criteria.

values string[]

Depending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.

key str

User-defined criteria for sending commands that target managed nodes that meet the criteria.

values Sequence[str]

Depending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.

key String

User-defined criteria for sending commands that target managed nodes that meet the criteria.

values List<String>

Depending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50.

Package Details

Repository: AWS Native pulumi/pulumi-aws-native
License: Apache-2.0

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.26.0 published on Wednesday, Mar 12, 2025 by Pulumi

pulumi/pulumi-aws-native

aws-native.ssm.Association

On this page

On this page

Example Usage

Example

Example

Example

Example

Example

Example

Create Association Resource

Constructor syntax

Parameters

Association Resource Properties

Inputs

Outputs

Supporting Types

AssociationComplianceSeverity
, AssociationComplianceSeverityArgs

AssociationInstanceAssociationOutputLocation
, AssociationInstanceAssociationOutputLocationArgs

AssociationS3OutputLocation
, AssociationS3OutputLocationArgs

AssociationSyncCompliance
, AssociationSyncComplianceArgs

AssociationTarget
, AssociationTargetArgs

Package Details

On this page

On this page

aws-native.ssm.Association

On this page

On this page

Example Usage

Example

Example

Example

Example

Example

Example

Create Association Resource

Constructor syntax

Parameters

Association Resource Properties

Inputs

Outputs

Supporting Types

AssociationComplianceSeverity, AssociationComplianceSeverityArgs

AssociationInstanceAssociationOutputLocation, AssociationInstanceAssociationOutputLocationArgs

AssociationS3OutputLocation, AssociationS3OutputLocationArgs

AssociationSyncCompliance, AssociationSyncComplianceArgs

AssociationTarget, AssociationTargetArgs

Package Details

On this page

On this page

AssociationComplianceSeverity
, AssociationComplianceSeverityArgs

AssociationInstanceAssociationOutputLocation
, AssociationInstanceAssociationOutputLocationArgs

AssociationS3OutputLocation
, AssociationS3OutputLocationArgs

AssociationSyncCompliance
, AssociationSyncComplianceArgs

AssociationTarget
, AssociationTargetArgs