时间戳

首页 > 解决方案 > 将 CloudFormation 参数作为字符串列表传递

amazon-web-services - 将 CloudFormation 参数作为字符串列表传递

问题描述

我正在尝试通过参数将 Lambda 策略列表传递到我的 CloudFormation 脚本中,我找到了一些如何执行此操作的示例,但是当我尝试拆分我的 LambdaPolicies 参数时,它给出了属性 ManagedPolicyArns 的值必须是类型的错误字符串列表

AWSTemplateFormatVersion: '2010-09-09'
Transform: 'AWS::Serverless-2016-10-31'
Description: 
  An AWS Lambda application that calls the Lambda API.

Parameters:
  - LambdaName
  - LambdaVersion
  - LambdaCodeUriKey
  - LambdaCodeUriBucket
  - LambdaHandler
  - LambdaRuntime
  - LambdaTimeout
  - LambdaMemory
  - LambdaDescription
  - LambdaPolicies
  - LambdaTracing

Parameters:
  LambdaName:
    Description: The name of the Lambda function, this will be viewable within the AWS Management Console
    Type: String
    AllowedPattern: ^[-_A-Za-z-0-9][-_A-Za-z0-9 ]{1,126}[-_A-Za-z-0-9]$
    ConstraintDescription: The parameter must only contain Uppercase and lowercase letters and numbers
  LambdaVersion:
    Description: The version number for the component
    Type: String
    AllowedPattern: ^[0-9]+\.[0-9]+\.[0-9]+$
    ConstraintDescription: The parameter must match the following pattern for version. 10.2.3
  LambdaCodeUriKey:
    Description: The path to the Lambda code within the S3 bucket
    Type: String
  LambdaCodeUriBucket:
    Description: The name of the S3 bucket containing the Lambda code
    Type: String
    Default: 'default-s3-bucket'
  LambdaHandler:
    Description: The name for the Lambda handler which triggers the function
    Type: String
    Default: 'Handler::Handler.Bootstrap::ExecuteFunction'
  LambdaRuntime:
    Description: The name for the Lambda runtime
    Type: String
    Default: 'dotnetcore3.1'
  LambdaTimeout:
    Description: The timeout to be assigned to the Lambda function in seconds
    Type: Number
    Default: 30
  LambdaMemory:
    Description: The memory to be assigned to the Lambda function in MB
    Type: Number
    Default: 512
  LambdaPolicies:
    Description: A comma delimited list of Lambda policies to be assigned to the function
    Type: String
    Default: "AWSLambdaBasicExecutionRole,AWSLambda_ReadOnlyAccess,AWSXrayWriteOnlyAccess"

Resources:
  function:
    Type: AWS::Serverless::Function
    Properties:
      Handler: Handler::Handler.Bootstrap::ExecuteFunction
      Runtime: dotnetcore3.1
      CodeUri:
        Bucket: !Ref LambdaCodeUriBucket
        Key: !Ref LambdaCodeUriKey
      Description: Call the AWS Lambda API
      Timeout: 30
      MemorySize: 512
      # Function's execution role
      Policies: !Split [',', !Ref LambdaPolicies]
      Tracing: Active

下面是我试图通过我的参数创建的示例

Policies:
  - AWSLambdaBasicExecutionRole
  - AWSLambda_ReadOnlyAccess
  - AWSXrayWriteOnlyAccess

标签: amazon-web-servicesyamlamazon-cloudformation

解决方案

推荐阅读