search

awslabs / aws-config-resource-schema

AWS Config resource schema define the properties and types of AWS Config resource configuration items (CIs). Resource CI schema are used by developers when performing advanced resource queries and when processing CI data.
Apache License 2.0
233 stars 60 forks source link

Add query support for AWS::SSM::Parameter #37

Open iainelder opened 1 year ago

iainelder commented 1 year ago

I have a parameter that is deployed across all accounts in my organization.

The parameter has been configured differently in some accounts. I want to check how the configuration varies across the organization.

Specifically I want to check which parameters with a given name across the organization are using standard-tier v advanced-tier.

So I was surprised to discover today that AWS Config does not yet support SSM Parameters at all.

I expected a query like this to give me a summary of one type versus the other.

SELECT
  configuration.tier,
  COUNT(*)
WHERE
  resourceType = 'AWS::SSM::Parameter'
  AND resourceName = '/my/org/wide/param'
GROUP BY
  configuration.tier
;

With a result like this:

configuration.tier COUNT(*)
Standard 1111
Advanced 2222
clustermaster99 commented 7 months ago

I second this! Looking for the same to validate proper log group usage for Systems Manager

matthew-mattoon commented 5 months ago

I too would like this, especially to confirm Secure-String.