Top / Amazon Web Service / AWS Systems Manager / Resource Data Sync

AWS Systems Manager Resource Data Sync

This page shows how to write Terraform and CloudFormation for Systems Manager Resource Data Sync and write them securely.

terraform-logo

Review your .tf file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

aws_ssm_resource_data_sync (Terraform)

The Resource Data Sync in Systems Manager can be configured in Terraform with the resource name aws_ssm_resource_data_sync. The following sections describe 2 examples of how to use the resource and its parameters.

Example Usage from GitHub

main.tf#L7
resource "aws_ssm_resource_data_sync" "this" {
  name = var.name

  dynamic "s3_destination" {
    for_each = var.s3_destination
    content {
ssm.tf#L42
resource "aws_ssm_resource_data_sync" "test-datasync" {
  name = "sandbox-aws-data-sync"

  s3_destination {
    bucket_name = aws_s3_bucket.test-bucket.bucket
    region      = aws_s3_bucket.test-bucket.region

Review your Terraform file for AWS best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

>> from Terraform Registry

Explanation in Terraform Registry

Provides a SSM resource data sync.

>> from Terraform Registry

AWS::SSM::ResourceDataSync (CloudFormation)

The ResourceDataSync in SSM can be configured in CloudFormation with the resource name AWS::SSM::ResourceDataSync. The following sections describe 10 examples of how to use the resource and its parameters.

Example Usage from GitHub

ssm-basics-inventory.yml#L8
    Type: "AWS::SSM::ResourceDataSync"
    Properties:
      BucketName: !Ref BucketName
      BucketRegion: !Ref AWS::Region
      SyncFormat: JsonSerDe
      SyncName: DemoResourceDataSync
ssm-workshop-resources-episode-04.yml#L243
    Type: AWS::SSM::ResourceDataSync
    Properties:
      SyncName: inventory-ssm-workshop
      S3Destination:
        BucketName: !Ref ResouceSyncBucket
        BucketPrefix: inventory
product.template-ca-central-1.yaml#L9
    Type: AWS::SSM::ResourceDataSync
    Description: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-resourcedatasync.html
    Properties:
      SyncName: !Ref 'SyncName'
product.template-eu-central-1.yaml#L9
    Type: AWS::SSM::ResourceDataSync
    Description: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-resourcedatasync.html
    Properties:
      SyncName: !Ref 'SyncName'
product.template-eu-west-3.yaml#L9
    Type: AWS::SSM::ResourceDataSync
    Description: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-resourcedatasync.html
    Properties:
      SyncName: !Ref 'SyncName'
SSMResourceDataSyncSpecification.json#L3
    "AWS::SSM::ResourceDataSync": {
      "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-resourcedatasync.html",
      "Properties": {
        "KMSKeyArn": {
          "Required": false,
          "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-resourcedatasync.html#cfn-ssm-resourcedatasync-kmskeyarn",
SSMResourceDataSyncSpecification.json#L3
    "AWS::SSM::ResourceDataSync": {
      "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-resourcedatasync.html",
      "Properties": {
        "KMSKeyArn": {
          "Required": false,
          "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-resourcedatasync.html#cfn-ssm-resourcedatasync-kmskeyarn",
SSMResourceDataSyncSpecification.json#L3
    "AWS::SSM::ResourceDataSync.S3Destination": {
      "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-resourcedatasync-s3destination.html",
      "Properties": {
        "KMSKeyArn": {
          "Required": false,
          "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-resourcedatasync-s3destination.html#cfn-ssm-resourcedatasync-s3destination-kmskeyarn",
SSMResourceDataSyncSpecification.json#L3
    "AWS::SSM::ResourceDataSync": {
      "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-resourcedatasync.html",
      "Properties": {
        "KMSKeyArn": {
          "Required": false,
          "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-resourcedatasync.html#cfn-ssm-resourcedatasync-kmskeyarn",
SSMResourceDataSyncSpecification.json#L3
    "AWS::SSM::ResourceDataSync": {
      "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-resourcedatasync.html",
      "Properties": {
        "KMSKeyArn": {
          "Required": false,
          "Documentation": "http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-resourcedatasync.html#cfn-ssm-resourcedatasync-kmskeyarn",

Parameters

>> from AWS CloudFormation Documentation

Explanation in CloudFormation Registry

The AWS::SSM::ResourceDataSync resource creates, updates, or deletes a resource data sync for AWS Systems Manager. A resource data sync helps you view data from multiple sources in a single location. Systems Manager offers two types of resource data sync: SyncToDestination and SyncFromSource.

You can configure Systems Manager Inventory to use the SyncToDestination type to synchronize Inventory data from multiple AWS Regions to a single Amazon S3 bucket. You can configure Systems Manager Explorer to use the SyncFromSource type to synchronize operational work items (OpsItems) and operational data (OpsData) from multiple AWS Regions. This type can synchronize OpsItems and OpsData from multiple AWS accounts and Regions or from an EntireOrganization by using AWS Organizations.

A resource data sync is an asynchronous operation that returns immediately. After a successful initial sync is completed, the system continuously syncs data.

By default, data is not encrypted in Amazon S3. We strongly recommend that you enable encryption in Amazon S3 to ensure secure data storage. We also recommend that you secure access to the Amazon S3 bucket by creating a restrictive bucket policy. For more information, see Configuring Inventory Collection and Setting Up Systems Manager Explorer to Display Data from Multiple Accounts and Regions in the AWS Systems Manager User Guide.

Important: The following Syntax section shows all fields that are supported for a resource data sync. The Examples section below shows the recommended way to specify configurations for each sync type. Please see the Examples section when you create your resource data sync.

>> from AWS CloudFormation Documentation

The Other Related AWS Systems Manager Resources

Frequently asked questions

What is AWS Systems Manager Resource Data Sync?

AWS Systems Manager Resource Data Sync is a resource for Systems Manager of Amazon Web Service. Settings can be wrote in Terraform and CloudFormation.

Where can I find the example code for the AWS Systems Manager Resource Data Sync?

For Terraform, the niveklabs/aws and ciwen3/OSCP source code examples are useful. See the Terraform Example section for further details.

For CloudFormation, the rajjeet/CloudformationStarters, aws-samples/aws-cloud-and-hybrid-operations-workshop and awslabs/aws-service-catalog-products source code examples are useful. See the CloudFormation Example section for further details.

security-icon

Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.

Table of Contents