fix(ssm): cannot import a ssm parameter with a name containing unreso…

…lved token (#25749)

Previously, when we import a SSM parameter by `ssm.StringParameter.fromStringParameterAttributes`, we use `CfnParameter` to get the value. 

```json
  "Parameters": {
    "importsqsstringparamParameter": {
      "Type": "AWS::SSM::Parameter::Value<String>",
      "Default": {
        "Fn::ImportValue": "some-exported-value-holding-the-param-name"
      }
    },
```

However, `Parameters.<Name>.Default` only allows a concrete string value. If it contains e.g. intrinsic functions, we get an error like this from CFn: `Template format error: Every Default member must be a string.`

This PR changes the behavior of `fromStringParameterAttributes` method. Now it uses `CfnDynamicReference` instead of `CfnParameter` if a parameter name contains unresolved tokens.

Since previously the case when `Token.isUnresolved(attrs.parameterName) == true` just resulted in a deployment error, this is not a breaking change.

Closes #17094

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*

packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/Import-SSM-Parameter.assets.json

@@ -0,0 +1,19 @@
+{
+  "version": "32.0.0",
+  "files": {
+    "0c9f637062451a2002409e9c30b657f39990631000a05a12bef7fcdb73ec5332": {
+      "source": {
+        "path": "Import-SSM-Parameter.template.json",
+        "packaging": "file"
+      },
+      "destinations": {
+        "current_account-current_region": {
+          "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
+          "objectKey": "0c9f637062451a2002409e9c30b657f39990631000a05a12bef7fcdb73ec5332.json",
+          "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
+        }
+      }
+    }
+  },
+  "dockerImages": {}
+}

packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/Import-SSM-Parameter.template.json

@@ -0,0 +1,85 @@
+{
+ "Resources": {
+  "StringParameter472EED0E": {
+   "Type": "AWS::SSM::Parameter",
+   "Properties": {
+    "Type": "String",
+    "Value": "Initial parameter value",
+    "Name": "import-parameter-test"
+   }
+  }
+ },
+ "Parameters": {
+  "ImportedWithNameParameter": {
+   "Type": "AWS::SSM::Parameter::Value<String>",
+   "Default": "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-ebs"
+  },
+  "BootstrapVersion": {
+   "Type": "AWS::SSM::Parameter::Value<String>",
+   "Default": "/cdk-bootstrap/hnb659fds/version",
+   "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
+  }
+ },
+ "Outputs": {
+  "ImportedWithNameOutput": {
+   "Value": {
+    "Ref": "ImportedWithNameParameter"
+   }
+  },
+  "ImportedWithIntrinsicOutput": {
+   "Value": {
+    "Fn::Join": [
+     "",
+     [
+      "{{resolve:ssm:",
+      {
+       "Ref": "StringParameter472EED0E"
+      },
+      "}}"
+     ]
+    ]
+   }
+  },
+  "ImportedWithForceFlagOutput": {
+   "Value": {
+    "Fn::Join": [
+     "",
+     [
+      "{{resolve:ssm:",
+      {
+       "Ref": "StringParameter472EED0E"
+      },
+      "}}"
+     ]
+    ]
+   }
+  }
+ },
+ "Rules": {
+  "CheckBootstrapVersion": {
+   "Assertions": [
+    {
+     "Assert": {
+      "Fn::Not": [
+       {
+        "Fn::Contains": [
+         [
+          "1",
+          "2",
+          "3",
+          "4",
+          "5"
+         ],
+         {
+          "Ref": "BootstrapVersion"
+         }
+        ]
+       }
+      ]
+     },
+     "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
+    }
+   ]
+  }
+ }
+}

packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/cdk.out

@@ -0,0 +1 @@
+{"version":"32.0.0"}

packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843.assets.json

@@ -0,0 +1,19 @@
+{
+  "version": "32.0.0",
+  "files": {
+    "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22": {
+      "source": {
+        "path": "cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843.template.json",
+        "packaging": "file"
+      },
+      "destinations": {
+        "current_account-current_region": {
+          "bucketName": "cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}",
+          "objectKey": "21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json",
+          "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-file-publishing-role-${AWS::AccountId}-${AWS::Region}"
+        }
+      }
+    }
+  },
+  "dockerImages": {}
+}

packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843.template.json

@@ -0,0 +1,36 @@
+{
+ "Parameters": {
+  "BootstrapVersion": {
+   "Type": "AWS::SSM::Parameter::Value<String>",
+   "Default": "/cdk-bootstrap/hnb659fds/version",
+   "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]"
+  }
+ },
+ "Rules": {
+  "CheckBootstrapVersion": {
+   "Assertions": [
+    {
+     "Assert": {
+      "Fn::Not": [
+       {
+        "Fn::Contains": [
+         [
+          "1",
+          "2",
+          "3",
+          "4",
+          "5"
+         ],
+         {
+          "Ref": "BootstrapVersion"
+         }
+        ]
+       }
+      ]
+     },
+     "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI."
+    }
+   ]
+  }
+ }
+}

packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/integ.json

@@ -0,0 +1,12 @@
+{
+  "version": "32.0.0",
+  "testCases": {
+    "cdk-integ-import-ssm-parameter/DefaultTest": {
+      "stacks": [
+        "Import-SSM-Parameter"
+      ],
+      "assertionStack": "cdk-integ-import-ssm-parameter/DefaultTest/DeployAssert",
+      "assertionStackName": "cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843"
+    }
+  }
+}

packages/@aws-cdk-testing/framework-integ/test/aws-ssm/test/integ.import-parameter.js.snapshot/manifest.json

@@ -0,0 +1,135 @@
+{
+  "version": "32.0.0",
+  "artifacts": {
+    "Import-SSM-Parameter.assets": {
+      "type": "cdk:asset-manifest",
+      "properties": {
+        "file": "Import-SSM-Parameter.assets.json",
+        "requiresBootstrapStackVersion": 6,
+        "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version"
+      }
+    },
+    "Import-SSM-Parameter": {
+      "type": "aws:cloudformation:stack",
+      "environment": "aws://unknown-account/unknown-region",
+      "properties": {
+        "templateFile": "Import-SSM-Parameter.template.json",
+        "validateOnSynth": false,
+        "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}",
+        "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}",
+        "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/0c9f637062451a2002409e9c30b657f39990631000a05a12bef7fcdb73ec5332.json",
+        "requiresBootstrapStackVersion": 6,
+        "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version",
+        "additionalDependencies": [
+          "Import-SSM-Parameter.assets"
+        ],
+        "lookupRole": {
+          "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}",
+          "requiresBootstrapStackVersion": 8,
+          "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version"
+        }
+      },
+      "dependencies": [
+        "Import-SSM-Parameter.assets"
+      ],
+      "metadata": {
+        "/Import-SSM-Parameter/StringParameter/Resource": [
+          {
+            "type": "aws:cdk:logicalId",
+            "data": "StringParameter472EED0E"
+          }
+        ],
+        "/Import-SSM-Parameter/ImportedWithName.Parameter": [
+          {
+            "type": "aws:cdk:logicalId",
+            "data": "ImportedWithNameParameter"
+          }
+        ],
+        "/Import-SSM-Parameter/ImportedWithNameOutput": [
+          {
+            "type": "aws:cdk:logicalId",
+            "data": "ImportedWithNameOutput"
+          }
+        ],
+        "/Import-SSM-Parameter/ImportedWithIntrinsicOutput": [
+          {
+            "type": "aws:cdk:logicalId",
+            "data": "ImportedWithIntrinsicOutput"
+          }
+        ],
+        "/Import-SSM-Parameter/ImportedWithForceFlagOutput": [
+          {
+            "type": "aws:cdk:logicalId",
+            "data": "ImportedWithForceFlagOutput"
+          }
+        ],
+        "/Import-SSM-Parameter/BootstrapVersion": [
+          {
+            "type": "aws:cdk:logicalId",
+            "data": "BootstrapVersion"
+          }
+        ],
+        "/Import-SSM-Parameter/CheckBootstrapVersion": [
+          {
+            "type": "aws:cdk:logicalId",
+            "data": "CheckBootstrapVersion"
+          }
+        ]
+      },
+      "displayName": "Import-SSM-Parameter"
+    },
+    "cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843.assets": {
+      "type": "cdk:asset-manifest",
+      "properties": {
+        "file": "cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843.assets.json",
+        "requiresBootstrapStackVersion": 6,
+        "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version"
+      }
+    },
+    "cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843": {
+      "type": "aws:cloudformation:stack",
+      "environment": "aws://unknown-account/unknown-region",
+      "properties": {
+        "templateFile": "cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843.template.json",
+        "validateOnSynth": false,
+        "assumeRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-deploy-role-${AWS::AccountId}-${AWS::Region}",
+        "cloudFormationExecutionRoleArn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-cfn-exec-role-${AWS::AccountId}-${AWS::Region}",
+        "stackTemplateAssetObjectUrl": "s3://cdk-hnb659fds-assets-${AWS::AccountId}-${AWS::Region}/21fbb51d7b23f6a6c262b46a9caee79d744a3ac019fd45422d988b96d44b2a22.json",
+        "requiresBootstrapStackVersion": 6,
+        "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version",
+        "additionalDependencies": [
+          "cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843.assets"
+        ],
+        "lookupRole": {
+          "arn": "arn:${AWS::Partition}:iam::${AWS::AccountId}:role/cdk-hnb659fds-lookup-role-${AWS::AccountId}-${AWS::Region}",
+          "requiresBootstrapStackVersion": 8,
+          "bootstrapStackVersionSsmParameter": "/cdk-bootstrap/hnb659fds/version"
+        }
+      },
+      "dependencies": [
+        "cdkintegimportssmparameterDefaultTestDeployAssert2A3D6843.assets"
+      ],
+      "metadata": {
+        "/cdk-integ-import-ssm-parameter/DefaultTest/DeployAssert/BootstrapVersion": [
+          {
+            "type": "aws:cdk:logicalId",
+            "data": "BootstrapVersion"
+          }
+        ],
+        "/cdk-integ-import-ssm-parameter/DefaultTest/DeployAssert/CheckBootstrapVersion": [
+          {
+            "type": "aws:cdk:logicalId",
+            "data": "CheckBootstrapVersion"
+          }
+        ]
+      },
+      "displayName": "cdk-integ-import-ssm-parameter/DefaultTest/DeployAssert"
+    },
+    "Tree": {
+      "type": "cdk:tree",
+      "properties": {
+        "file": "tree.json"
+      }
+    }
+  }
+}