How to use Mappings from an AWS CloudFormation template in a nested stack

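Problem description

Let us consider the following Mappings and FindInMap used in the same AWS CloudFormation template. They would work.

Now consider the VpcIds Mappings in the master.yaml template below. I am trying to create the EgressOnlyInternetGateway resource from the nested.yaml template using the Mappings in the master.yaml template.

How can I achieve this?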

# master.yaml
Mappings:
  VpcIds:
    us-east-1: 
      "123456789012": "vpc-00011122233344455"
      "234567890123": "vpc-11122233344455566"
    us-west-1: 
      "123456789012": "vpc-22233344455566677"
      "234567890123": "vpc-33344455566677788"


# nested.yaml
Resources:
  EgressOnlyInternetGateway:
    Type: AWS::EC2::EgressOnlyInternetGateway
    Properties:
      VpcId: !FindInMap [VpcIds, !Ref "AWS::Region", !Ref "AWS::AccountId"]

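Update: I am trying to create the MyTestNestedSg resource in MyTestNestedStack (MyTestNestedStack.yaml) using the Mappings parameter defined in MyTestMasterStack, as shown below. I am getting the error "Parameter values specified for a template which does not require them" against MyTestNestedStack.

How can I resolve this?

Please note that the MyTestMasterSg resource in MyTestMasterStack below is only there for completeness.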

# MyTestMasterStack.yaml
Mappings:
  VpcIds:
    us-east-1: 
      "123456789012": "vpc-00011122233344455" 
      "234567890123": "vpc-11122233344455566" 

Resources:
  MyTestNestedStack:
    Type: AWS::CloudFormation::Stack
    Properties: 
      Parameters: 
        VpcId: !FindInMap [VpcIds, !Ref "AWS::Region", !Ref "AWS::AccountId"]
      TemplateURL: "https://s3.amazonaws.com/my_template_bucket_name/MyTestNestedStack.yaml"
      TimeoutInMinutes: 60

  MyTestMasterSg:
    Type: AWS::EC2::SecurityGroup
    Properties:
      VpcId: "vpc-017a12485ad93e94a"
      GroupDescription: Testing resource creation wtih Mappings from the parent Stack
      GroupName: MyTestMasterSg
      SecurityGroupIngress:
        - CidrIp: 10.1.0.0/16
          FromPort: 80
          IpProtocol: tcp
          ToPort: 80

# MyTestNestedStack.yaml
Resources:
  MyTestNestedSg:
    Type: AWS::EC2::SecurityGroup
    Properties:
      VpcId: !Ref VpcId
      GroupDescription: Testing resource creation wtih Mappings from the parent Stack
      GroupName: MyTestNestedSg
      SecurityGroupIngress:
        - CidrIp: 10.1.0.0/16
          FromPort: 8080
          IpProtocol: tcp
          ToPort: 8080

Tags: amazon-web-services, mapping, amazon-cloudformation, nested-stack

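Solution

You can't do this. You must pass the resolved mapping value to your AWS::CloudFormation::Stack resource through Parameters.

Nested stacks should be self-sufficient; they have no access to the parent stack's parameters, mappings, or resources. They can only work with the data you explicitly pass through the Parameters of the AWS::CloudFormation::Stack resource.

So in the stack you have to do this: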

MyNestedStack:
  Type: AWS::CloudFormation::Stack
  Properties: 
    Parameters: 
      VpcId : !FindInMap [VpcIds, !Ref "AWS::Region", !Ref "AWS::AccountId"]
    TemplateURL: String

Update

MyTestNestedStack.yaml is missing Parameters:

Parameters:
  
  VpcId:
    Type: AWS::EC2::VPC::Id
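
A pre-deployment check for the parameter contract described above, as an added example that is not part of the original answer. It uses constructed copies of the page's templates written in CloudFormation's JSON syntax so the standard library can parse them; `refs` and `check_nested` are hypothetical helper names.

```python
import json

# Constructed sample templates in CloudFormation's JSON syntax, mirroring the
# page's MyTestMasterStack / MyTestNestedStack (before the fix: no Parameters).
PARENT = json.loads("""{
  "Mappings": {"VpcIds": {"us-east-1": {"123456789012": "vpc-00011122233344455"}}},
  "Resources": {"MyTestNestedStack": {
    "Type": "AWS::CloudFormation::Stack",
    "Properties": {
      "Parameters": {"VpcId": {"Fn::FindInMap":
        ["VpcIds", {"Ref": "AWS::Region"}, {"Ref": "AWS::AccountId"}]}},
      "TemplateURL": "https://s3.amazonaws.com/my_template_bucket_name/MyTestNestedStack.yaml"}}}
}""")
NESTED_BROKEN = json.loads("""{
  "Resources": {"MyTestNestedSg": {
    "Type": "AWS::EC2::SecurityGroup",
    "Properties": {"VpcId": {"Ref": "VpcId"}, "GroupDescription": "test"}}}
}""")
NESTED_FIXED = dict(NESTED_BROKEN, Parameters={"VpcId": {"Type": "AWS::EC2::VPC::Id"}})


def refs(node):
    """Yield every name used in a {"Ref": name} anywhere in the template."""
    if isinstance(node, dict):
        if set(node) == {"Ref"} and isinstance(node["Ref"], str):
            yield node["Ref"]
        for value in node.values():
            yield from refs(value)
    elif isinstance(node, list):
        for item in node:
            yield from refs(item)


def check_nested(parent, stack_name, nested):
    """Return problems in the parameter contract between parent and nested stack."""
    passed = set(parent["Resources"][stack_name]["Properties"].get("Parameters", {}))
    declared = nested.get("Parameters", {})
    known = set(declared) | set(nested.get("Resources", {}))
    problems = [f"passed but not declared: {p}" for p in sorted(passed - set(declared))]
    problems += [f"declared without Default and not passed: {p}"
                 for p in sorted(declared) if p not in passed and "Default" not in declared[p]]
    problems += [f"Ref to undeclared name: {r}"
                 for r in sorted(set(refs(nested.get("Resources", {}))) - known)
                 if not r.startswith("AWS::")]
    return problems
```

The "passed but not declared" finding corresponds to the error quoted in the question; it disappears once the nested template declares VpcId under Parameters.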

