Note: Scroll down this article to download the Terraform files in zip format.


Terraform AWS SSM Documents for Cloud Security Connectors

This Terraform project deploys a set of AWS Systems Manager (SSM) Command Documents. These documents are designed to run specific shell scripts on managed Linux instances for troubleshooting and maintenance of Cloud Security Connectors (CSC).


Description

The configuration automates the creation of 13 distinct AWS::SSM::Document resources. Each document is a "Command" type and is configured to run a shell script. These scripts cover a range of diagnostic and management tasks, such as checking configuration, running network tests, managing logs, and refreshing configuration files.


File Structure

The project is organized into three main files:

  • main.tf: Contains the core resource definitions for all the AWS SSM documents.
  • variables.tf: Declares the input variables used in the configuration, such as the AWS region.
  • terraform.auto.tfvars: Provides values for the declared variables. This file is used to set the deployment region without needing to pass it as a command-line argument.

Prerequisites

Before you begin, ensure you have the following installed and configured:

  1. Terraform: Install Terraform (version 1.0.0 or newer is recommended).
  2. AWS Account: An active AWS account with the necessary permissions to create SSM documents.
  3. AWS CLI: Install and configure the AWS CLI with your credentials. Terraform uses these credentials to authenticate with your AWS account.

Deployment Instructions

Follow these steps to deploy the SSM documents to your AWS account.

  1. Clone the Repository: Clone or download the project files to your local machine.

  2. Initialize Terraform: Open your terminal, navigate to the project directory, and run the init command. This will download the necessary AWS provider plugin.

    terraform init
    
  3. Configure the AWS Region: Open the terraform.auto.tfvars file and set the aws_region variable to your desired AWS region (e.g., "us-east-1").

    aws_region = "us-east-1"
    
  4. Plan the Deployment: Run terraform plan to see an execution plan. This command shows you which resources Terraform will create, modify, or destroy.

    terraform plan
    

    You should see a plan to add 13 new aws_ssm_document resources.

  5. Apply the Configuration: If the plan looks correct, apply the configuration to create the resources in your AWS account.

    terraform apply
    

    Terraform will ask for confirmation. Type yes and press Enter to proceed.

After the apply is complete, all SSM documents will be available in the AWS Systems Manager console in your specified region.
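
The plan review in step 4 can be scripted. The following is an added example, not part of the project's files: it reads the JSON form of a saved plan (terraform plan -out=tfplan, then terraform show -json tfplan > plan.json) and reports anything other than 13 aws_ssm_document creations of type "Command". The resource addresses in the sample plan are constructed.

```python
import json

EXPECTED_TYPE = "aws_ssm_document"
EXPECTED_COUNT = 13  # the page states the plan adds 13 documents


def check_plan(plan: dict, expected_count: int = EXPECTED_COUNT) -> list[str]:
    """Return a list of findings; an empty list means the plan matches."""
    findings = []
    creates = 0
    for rc in plan.get("resource_changes", []):
        actions = rc.get("change", {}).get("actions", [])
        if actions in (["no-op"], ["read"]):
            continue  # nothing is changed by these entries
        addr = rc.get("address", "<unknown>")
        if rc.get("type") != EXPECTED_TYPE:
            findings.append(f"unexpected resource type: {addr}")
            continue
        if actions != ["create"]:
            findings.append(f"unexpected action {actions} on {addr}")
            continue
        after = rc["change"].get("after") or {}
        if after.get("document_type") != "Command":
            findings.append(f"{addr} is not a Command document")
        creates += 1
    if creates != expected_count:
        findings.append(f"expected {expected_count} creates, plan has {creates}")
    return findings


def sample_plan(n, extra=None):
    """Constructed sample shaped like `terraform show -json` output."""
    changes = [{
        "address": f"aws_ssm_document.example_{i}",  # hypothetical names
        "type": EXPECTED_TYPE,
        "change": {"actions": ["create"], "after": {"document_type": "Command"}},
    } for i in range(n)]
    return {"format_version": "1.2", "resource_changes": changes + (extra or [])}


if __name__ == "__main__":
    import sys
    # Usage: python check_plan.py plan.json
    with open(sys.argv[1]) as fh:
        problems = check_plan(json.load(fh))
    print("\n".join(problems) or "plan matches: 13 Command documents to create")
    sys.exit(1 if problems else 0)
```

A non-zero exit status makes the script usable as a gate before terraform apply in a pipeline.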


Inputs

The following input variable can be configured in the terraform.auto.tfvars file:

Variable   | Description                                            | Type   | Default
aws_region | The AWS region where the resources will be deployed.   | string | "eu-west-2"

Destroying the Resources

If you no longer need the SSM documents, you can remove them from your AWS account by running the destroy command from the project directory.

    terraform destroy

Terraform will ask for confirmation before deleting the resources. Type yes to proceed.