AWS::SSM::MaintenanceWindowTask MaintenanceWindowRunCommandParameters
The MaintenanceWindowRunCommandParameters property type specifies the
parameters for a RUN_COMMAND task type for a maintenance window task in AWS Systems Manager. This means that these
parameters are the same as those for the SendCommand API call. For more information about SendCommand
parameters, see SendCommand in the
AWS Systems Manager API Reference.
For information about available parameters in SSM Command documents, you can view the content of the document itself in the Systems Manager console. For information, see Viewing SSM command document content in the AWS Systems Manager User Guide.
MaintenanceWindowRunCommandParameters is a property of the
TaskInvocationParameters
property type.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{ "CloudWatchOutputConfig" :CloudWatchOutputConfig, "Comment" :String, "DocumentHash" :String, "DocumentHashType" :String, "DocumentVersion" :String, "NotificationConfig" :NotificationConfig, "OutputS3BucketName" :String, "OutputS3KeyPrefix" :String, "Parameters" :Json, "ServiceRoleArn" :String, "TimeoutSeconds" :Integer}
YAML
CloudWatchOutputConfig:CloudWatchOutputConfigComment:StringDocumentHash:StringDocumentHashType:StringDocumentVersion:StringNotificationConfig:NotificationConfigOutputS3BucketName:StringOutputS3KeyPrefix:StringParameters:JsonServiceRoleArn:StringTimeoutSeconds:Integer
Properties
CloudWatchOutputConfig-
Configuration options for sending command output to Amazon CloudWatch Logs.
Required: No
Type: CloudWatchOutputConfig
Update requires: No interruption
Comment-
Information about the command or commands to run.
Required: No
Type: String
Maximum:
100Update requires: No interruption
DocumentHash-
The SHA-256 or SHA-1 hash created by the system when the document was created. SHA-1 hashes have been deprecated.
Required: No
Type: String
Maximum:
256Update requires: No interruption
DocumentHashType-
The SHA-256 or SHA-1 hash type. SHA-1 hashes are deprecated.
Required: No
Type: String
Allowed values:
Sha256 | Sha1Update requires: No interruption
DocumentVersion-
The AWS Systems Manager document (SSM document) version to use in the request. You can specify
$DEFAULT,$LATEST, or a specific version number. If you run commands by using the AWS CLI, then you must escape the first two options by using a backslash. If you specify a version number, then you don't need to use the backslash. For example:--document-version "\$DEFAULT"--document-version "\$LATEST"--document-version "3"Required: No
Type: String
Pattern:
([$]LATEST|[$]DEFAULT|^[1-9][0-9]*$)Update requires: No interruption
NotificationConfig-
Configurations for sending notifications about command status changes on a per-managed node basis.
Required: No
Type: NotificationConfig
Update requires: No interruption
OutputS3BucketName-
The name of the Amazon Simple Storage Service (Amazon S3) bucket.
Required: No
Type: String
Minimum:
3Maximum:
63Update requires: No interruption
OutputS3KeyPrefix-
The S3 bucket subfolder.
Required: No
Type: String
Maximum:
500Update requires: No interruption
Parameters-
The parameters for the
RUN_COMMANDtask execution.The supported parameters are the same as those for the
SendCommandAPI call. For more information, see SendCommand in the AWS Systems Manager API Reference.Required: No
Type: Json
Update requires: No interruption
ServiceRoleArn-
The Amazon Resource Name (ARN) of the IAM service role for AWS Systems Manager to assume when running a maintenance window task. If you do not specify a service role ARN, Systems Manager uses a service-linked role in your account. If no appropriate service-linked role for Systems Manager exists in your account, it is created when you run
RegisterTaskWithMaintenanceWindow.However, for an improved security posture, we strongly recommend creating a custom policy and custom service role for running your maintenance window tasks. The policy can be crafted to provide only the permissions needed for your particular maintenance window tasks. For more information, see Setting up Maintenance Windows in the in the AWS Systems Manager User Guide.
Required: No
Type: String
Update requires: No interruption
TimeoutSeconds-
If this time is reached and the command hasn't already started running, it doesn't run.
Required: No
Type: Integer
Minimum:
30Maximum:
2592000Update requires: No interruption
