
zahornyak/terraform-aws-multiple-ssm-parameters


Terraform aws ssm multiple parameters creation


Terraform module that simplifies creating multiple parameters in AWS Systems Manager Parameter Store. It can also parse .env files. Especially useful with Terragrunt.

Example usage

module "parameters" {
  source  = "zahornyak/multiple-ssm-parameters/aws"

  # prefix for parameter name
  parameter_prefix = "/dev/"
  
  parameters = {
    db_name = {
      name        = "foo"
      value       = "bar"
      type        = "String"
      description = "name of the db"
    }
    db_password = {
      value       = "password"
      # SecureString is encrypted with KMS; "String" would store the password in plaintext
      type        = "SecureString"
      description = "secure password"
    }
  }
}

Example parse env file

module "parameters" {
  source  = "zahornyak/multiple-ssm-parameters/aws"

  # prefix for parameter name
  parameter_prefix = "/dev/"
  
  file_path = ".env"

}

.env example:

DB_NAME=mysql
DB_PASSWORD=password

# example comment here
CERTIFICATE="dawjhjdkl;aefjhguwyidhjakenka"
SECRET="sjkbfdksnjwdjewlknfkj"

Example parse and use custom parameters

module "parameters_and_parse_files" {
  source  = "zahornyak/multiple-ssm-parameters/aws"

  parameters = {
    db_name = {
      name        = "foo"
      value       = "bar"
      type        = "String"
      description = "name of the db"
    }
    db_password = {
      value       = "password"
      # SecureString is encrypted with KMS; "String" would store the password in plaintext
      type        = "SecureString"
      description = "secure password"
    }
  }

  file_path = ".env"

}

Unlocked variables example (won't be changed by Terraform):

You can unlock an individual parameter or all parameters at once.

module "parameters" {
  source  = "zahornyak/multiple-ssm-parameters/aws"
  
  parameters = {
    db_name = {
      name        = "foo"
      value       = "bar"
      type        = "String"
      description = "name of the db"
    }
    db_password = {
      value       = "password"
      # SecureString is encrypted with KMS; "String" would store the password in plaintext
      type        = "SecureString"
      description = "secure password"
      unlocked    = true
    }
  }

  #  unlocked = true
}

You can use all the parameters as container definition secrets:

module "parameters" {
  source  = "zahornyak/multiple-ssm-parameters/aws"

  parameters = {
    db_name = {
      name        = "foo"
      value       = "bar"
      type        = "String"
      description = "name of the db"
    }
    db_password = {
      value       = "password"
      # SecureString is encrypted with KMS; "String" would store the password in plaintext
      type        = "SecureString"
      description = "secure password"
      unlocked    = true
    }
  }
}

module "service_container_definition" {
  source  = "registry.terraform.io/cloudposse/ecs-container-definition/aws"

  container_image = "nginx:latest"
  container_name  = "example"
  essential       = true

  stop_timeout = 5
  
  port_mappings = [
    {
      containerPort = 80
      protocol      = "tcp"
      hostPort      = null
    }
  ]
  
  secrets = module.parameters.container_definitions_secrets

}
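For ECS to resolve the `secrets` above at container start, the task execution role must be allowed to read exactly those parameters. The following is an added example, not part of this module: the role and policy names are hypothetical, and it assumes the `parameters_arns` output is a map whose values are the parameter ARNs.

```hcl
# Added example (not the module's own code). Resource names are hypothetical.
# Assumption: module.parameters.parameters_arns is a map of name => parameter ARN.

# Trust policy: only the ECS tasks service may assume the execution role.
data "aws_iam_policy_document" "ecs_tasks_assume" {
  statement {
    actions = ["sts:AssumeRole"]

    principals {
      type        = "Service"
      identifiers = ["ecs-tasks.amazonaws.com"]
    }
  }
}

resource "aws_iam_role" "task_execution" {
  name               = "example-task-execution" # hypothetical name
  assume_role_policy = data.aws_iam_policy_document.ecs_tasks_assume.json
}

# Least privilege: read access is scoped to the ARNs this module created,
# not to a wildcard such as parameter/* or the whole /dev/ prefix.
data "aws_iam_policy_document" "read_parameters" {
  statement {
    sid       = "ReadModuleParametersOnly"
    actions   = ["ssm:GetParameters"]
    resources = values(module.parameters.parameters_arns)
  }
}

resource "aws_iam_role_policy" "read_parameters" {
  name   = "read-ssm-parameters" # hypothetical name
  role   = aws_iam_role.task_execution.id
  policy = data.aws_iam_policy_document.read_parameters.json
}
```

If the parameters are SecureString values encrypted with a customer-managed KMS key, the role also needs `kms:Decrypt` on that key; the AWS-managed default key needs no extra statement.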

Requirements

| Name | Version |
|------|---------|
| terraform | >= 1.4 |
| aws | >= 4.37 |

Providers

| Name | Version |
|------|---------|
| aws | >= 4.37 |
| local | n/a |

Modules

No modules.

Resources

| Name | Type |
|------|------|
| aws_ssm_parameter.parsed | resource |
| aws_ssm_parameter.this | resource |
| aws_ssm_parameter.unlocked | resource |
| aws_ssm_parameter.data | data source |
| local_file.config_file | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| data | data to store in parameter store | bool | false | no |
| file_path | file to parse | string | null | no |
| parameter_prefix | prefix for parameter names. For example you wanna split dev/prod parameters so you wanna add /service_name/development/ prefix before parameter name | string | null | no |
| parameters | map of parameters for parameter store | any | {} | no |
| tags | Specifies a tags | any | {} | no |
| unlocked | if true - sets the ignore lifecycle policy and disable terraform managing the version of the resource | bool | false | no |

Outputs

| Name | Description |
|------|-------------|
| container_definitions_secrets | useful output for container definition secrets variable |
| parameters_arns | parameters arns map |
| parameters_ids | parameters ids map |
| parameters_name_arns | merged parameters arns map with names of parameter |