Import Actions

Overview

CloudTruth Import actions allow you to directly import parameters and secrets from an Integration source.
Import Action Supported Integrations
Types
AWS Parameter store (SSM)
String; SecureString
Configuring an import action allows you to match specific patterns in your AWS parameters store keys for import. An AWS integration for SSM must be created as a source to import parameters and secrets from.

Creating an Import Action

From the Actions Import page, click Import.
  1. 1.
    Provide the action a name.
  2. 2.
    Select a region where the parameters and secrets exist for import.
  3. 3.
    Click Next.
Selecting a Region and Service
Once you have selected the region and service, you can define the pattern matching strategy that will be used to identify the Environment, Project, and Parameter name for each item that is imported. You can define the pattern matching using one of two styles:
  1. 1.
    Mustache pattern matching allows you to define a simple expression using a familiar templating language. Note that internally this will use "greedy matching", so if your parameter name contains slashes then you will probably want to use regular expressions instead. For example: /{{ environment }}/{{ project }}/{{ parameter }} \
  2. 2.
    For more complex matching, you can define a Python-compatible regular expression with named capture groups. You may want to leverage a tool like Regex101 which allows you to build, understand, and test Python regular expressions. For example: ^/(?P<environment>[^/]+)/(?P<project>[^/]+)/(?P<parameter>.+)$
Defining a Pattern Matching Expression
To assist you in creating the pattern matching expression, you can click on the Test button. This will run your pattern matching against the service in the selected region and show you which content matches and which content was skipped. You can check that the correct items match, and that the extracted environment, project, and parameter name is what you expect it to be:
Once you have defined your resource pattern click Preview.
You now have the options to perform a Dry Run or directly Create Import.
It is recommended to perform a Dry Run first, especially if you did not test your pattern. It's always good to know before hand what you will be importing!

Dry Run

A dry run task
will show you resources that will be created as part of the import.

Create Import

Running a create import will create the resources directly at action create time.
The created import action is now displayed on the Actions Import page for the selected project(s).
Action information is also associated with the selected integration on the Import tab. The integration actions table displays all actions associated with the integration across all projects.
Import action details
Click on an action from the import Actions page to get detailed information and tasks. Tasks are expandable and display the evaluated resource name that is used for the imported. If an action fails you will find detailed logging in the Tasks table. By default status only display tasks that contain changes to the parameters and secrets. You can use the Only Changes toggle to display tasks had a no-op.

Managing Import Actions

You can edit, initiate a sync (Dry Run), sync (Run) , or delete an action from any of the Import actions tables or on the detailed action page with the menu button.

Editing an Import action

You can edit the name of an action, description, and Resource pattern that defines an import.

Syncing an Import action

You can perform a manual sync from the import action menu. The manual sync operation allows you to perform a dry run of the Import or initiate a manual live sync.

Deleting an Import action

Deleting an Import action will retain all imported information even if the action is deleted.