I have a CloudFormation template that create a set of SSM commands to manage my Linux EC2 instances. This commands must have access to my AWS account number to do some tasks.
On my CloudFormation template, I did :
AWSTemplateFormatVersion: '2010-09-09'
Description: Sample SSM commands
MyCommand1:
Type: AWS::SSM::Document
Properties:
DocumentType: Command
Content:
schemaVersion: "2.2"
parameters: {}
mainSteps:
- action: aws:runShellScript
name : command1
inputs:
runCommand:
- echo "this command run on the selected EC2 instance" && echo "You are running this on account {{global:ACCOUNT_ID}}"
Outputs:
Command1ID:
Description: MyCommand1
Value: !Ref MyCommand1
This template install the function, and I can run it from the SSM web console.
But the {{global:ACCOUNT_ID}} is not valued to my account number. It is valued to the string "{{global:ACCOUNT_ID}}". So I presume this is not the good syntax to use global var from an SSM command.
So, after reading the doc here https://docs.aws.amazon.com/systems-manager/latest/userguide/walkthrough-cli.html I tried to test this via the CLI only (to quickly test other syntax) :
$> sh_command_id=$(aws ssm send-command --instance-ids "i-0cb0c0ea8ef7339f1" --document-name "AWS-RunShellScript" --parameters commands='echo You are running this on account {{global:ACCOUNT_ID}}' --output text --query "Command.CommandId")
but the command failed with a parsing error Error parsing parameter '--parameters': Expected: ',', received: '}' for input
What is the correct syntax to use the {{global:*}} things in SSM "runCommand" action ?
