I am trying to patch and manage the execution of an AWS SSM document from my root account. I am trying to do automation using Terraform version 12. But I don't see the support of multi-account in their document.
I am trying to set up this:
Could someone please help with which resource to use?
In order to use the automation document for deploying patches to multiple accounts, we need to ensure the below four steps are accomplished:
1. Create a Resource Group
2. Create an IAM Role for Master Account and an IAM Role for Target(s) account.
3. Create a Document
4. Execute the Automation Document.
We will be able to create the Resource group using aws_resourcegroups_group [1]. While we can create the IAM roles for both accounts using the aws_iam_role resource [2], we will be able to create the automation document using aws_ssm_document [3]. However, the arguments which need to be specified for executing the automation document by specifying the option for multiple account support aren't available publicly.
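The two IAM roles from step 2 of the answer above, as an added Terraform 0.12 example that is not part of the original posts. The target-account role trusts only the master-account role and the Systems Manager service, and the master role may assume only that one role. The role and policy names, provider aliases and CLI profiles are assumptions.

```hcl
# Added example: provider aliases, profiles and all names below are assumptions.
provider "aws" {
  alias   = "master"
  profile = "master" # assumed CLI profile for the master account
}
provider "aws" {
  alias   = "target"
  profile = "target" # assumed CLI profile for one target account
}

# Master-account role: only the Systems Manager service can assume it.
resource "aws_iam_role" "admin" {
  provider = aws.master
  name     = "example-automation-admin"
  assume_role_policy = jsonencode({
    Version   = "2012-10-17"
    Statement = [{ Effect = "Allow", Action = "sts:AssumeRole", Principal = { Service = "ssm.amazonaws.com" } }]
  })
}

# The master role may assume exactly one role: the target's execution role.
resource "aws_iam_role_policy" "admin_assume" {
  provider = aws.master
  name     = "example-assume-exec-role"
  role     = aws_iam_role.admin.id
  policy = jsonencode({
    Version   = "2012-10-17"
    Statement = [{ Effect = "Allow", Action = "sts:AssumeRole", Resource = aws_iam_role.exec.arn }]
  })
}

# Target-account role: trusts the master role and SSM, no other principal.
# Permissions needed by the automation document's steps are attached separately.
resource "aws_iam_role" "exec" {
  provider = aws.target
  name     = "example-automation-exec"
  assume_role_policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      { Effect = "Allow", Action = "sts:AssumeRole", Principal = { AWS = aws_iam_role.admin.arn } },
      { Effect = "Allow", Action = "sts:AssumeRole", Principal = { Service = "ssm.amazonaws.com" } },
    ]
  })
}
```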