amazon-web-services - CloudFormation S3 Bucket/BucketPolicy 创建 - 模板的 Resources 块中未解决的资源依赖项 [Environment]
问题描述
我最近开始学习我的第一个 AWS 认证,同时我也开始使用 CloudFormation。但是,我遇到了障碍。
我的问题:我正在尝试创建一个 S3 存储桶并将存储桶策略附加到它。但是,每当我尝试验证模板时,都会收到以下错误:
An error occurred (ValidationError) when calling the ValidateTemplate operation: Template format error: Unresolved resource dependencies [Environment] in the Resources block of the template
我做了什么:
LogsBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: !Sub my-cluster-logs-${Environment}
BucketEncryption:
ServerSideEncryptionConfiguration:
- ServerSideEncryptionByDefault:
SSEAlgorithm: AES256
PublicAccessBlockConfiguration:
BlockPublicAcls: true
BlockPublicPolicy: true
IgnorePublicAcls: true
RestrictPublicBuckets: true
LifecycleConfiguration:
Rules:
- Id: Log expiry policy
ExpirationInDays: 90
Status: Enabled
- Id: Change tier
Status: Enabled
Transitions:
- StorageClass: STANDARD_IA
TransitionInDays: 30
DeletionPolicy: Delete
LogsBucketPolicy:
Type: AWS::S3::BucketPolicy
Properties:
Bucket:
Ref: 'LogsBucket'
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- s3:PutObject
Resource:
- Fn::Join:
- ''
-
- !GetAtt LogsBucket.Arn
- '/*'
Principal:
AWS: #removed_for_this_post
DependsOn:
- LogsBucket
我已经尝试了各种各样的东西,但我仍然得到错误。
结论 有什么想法吗?顺便说一下,该模板是一个有效的 YAML 模板。先感谢您!
解决方案
把这个贴在上面
Parameters:
Environment:
Type: String
And pass in a parameter name "Environment" from either your command or your deployment pipeline.
If you are say running a separate dev and production account you cannot just use the same bucketname since S3 bucket names must be unique worldwide, not just unique to your account.
推荐阅读
- facebook-opengraph - sitefinity 版本 11 打开图
- java - 多线程 - 为什么以下程序的行为如此奇怪?
- html - 3 个
- amazon-web-services - AWS EFS - 创建文件系统后创建挂载目标的脚本
- node.js - 事务没有失败,但是字段写错了
- cocoa - GPUImage 无法在 iOS 12 上编译
- openstack - 添加资源时,Terraform 身份验证不起作用
- python - 使用 Pandas 将 JSON 转换为具有特定字段的 CSV
- python - 在 Pandas Dataframe 中查找匹配字符串,从特定索引开始
- xcode - Xcode 10 不编译依赖项