Amazon Web Services: Create a resource based on a condition block that gets its output from a custom resource in CloudFormation?
I am creating an S3 bucket based on a condition that takes its output from a custom resource (i.e. True or False). My stack template looks like this:
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Parameters": {
    "BucketName": {
      "Type": "String",
      "Description": "Name of the Bucket."
    }
  },
  "Conditions" : {
    "BucketExistsOutput" : {"Fn::Equals" : [{ "Fn::GetAtt" : [ "BucketExists", "Output" ]}, "False"]}
  },
  "Resources": {
    "S3BucketARN": {
      "Type" : "AWS::S3::Bucket",
      "Condition" : "BucketExistsOutput",
      "Properties" : {
        "BucketName" : { "Ref" : "BucketName" }
      }
    },
    "DeploymentLambdaRole": {
      "Type": "AWS::IAM::Role",
      "Properties": {
        "AssumeRolePolicyDocument": {
          "Version": "2012-10-17",
          "Statement": [
            {
              "Effect": "Allow",
              "Principal": {
                "Service": [
                  "lambda.amazonaws.com"
                ]
              },
              "Action": [
                "sts:AssumeRole"
              ]
            }
          ]
        },
        "Path": "/",
        "Policies": [
          {
            "PolicyName": "PermissionsToLogsAndS3",
            "PolicyDocument": {
              "Version": "2012-10-17",
              "Statement": [
                {
                  "Effect": "Allow",
                  "Action": [
                    "logs:CreateLogGroup",
                    "logs:CreateLogStream",
                    "logs:PutLogEvents",
                    "logs:DescribeLogStreams"
                  ],
                  "Resource": [
                    "arn:aws:logs:*:*:*"
                  ]
                },
                {
                  "Effect": "Allow",
                  "Action": [
                    "s3:*"
                  ],
                  "Resource": [
                    "*"
                  ]
                }
              ]
            }
          }
        ]
      }
    },
    "DeploymentLambda": {
      "Type": "AWS::Lambda::Function",
      "Properties": {
        "Role": {
          "Fn::GetAtt": [
            "DeploymentLambdaRole",
            "Arn"
          ]
        },
        "Handler": "bucketexists.handler",
        "Runtime": "nodejs4.3",
        "Code": {
          "S3Bucket": "xxxx-xx",
          "S3Key": "bucketcondition.zip"
        }
      }
    },
    "BucketExists": {
      "Type": "Custom::BucketExists",
      "Properties": {
        "ServiceToken": {
          "Fn::GetAtt": [
            "DeploymentLambda",
            "Arn"
          ]
        },
        "Bucket": {
          "Ref": "BucketName"
        }
      }
    }
  },
  "Outputs" : {
    "BucketExistsValue" : {
      "Description": "The Value of custom bucket lambda",
      "Value" : { "Fn::GetAtt" : [ "BucketExists", "Output" ]}
    }
  }
}
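This throws an error like this:
Invalid template: Template format error: Unresolved dependencies [BucketExists]. Cannot reference resources in the Conditions block of the template
That is, I cannot point to a resource in my Conditions block.
How can I solve this problem? Is there any workaround?
Thanks
Any help is much appreciated.

I was able to solve my problem by splitting the stack above into two parts.
1. Stack for the custom Lambda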
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Parameters": {
    "ProjectId": {
      "Type": "String",
      "Description": "Name of the ProjectId."
    },
    "BucketName": {
      "Type": "String",
      "Description": "Name of the BucketName."
    }
  },
  "Resources": {
    "DeploymentLambdaRole": {
      "Type": "AWS::IAM::Role",
      "Properties": {
        "AssumeRolePolicyDocument": {
          "Version": "2012-10-17",
          "Statement": [
            {
              "Effect": "Allow",
              "Principal": {
                "Service": [
                  "lambda.amazonaws.com"
                ]
              },
              "Action": [
                "sts:AssumeRole"
              ]
            }
          ]
        },
        "Path": "/",
        "Policies": [
          {
            "PolicyName": "PermissionsToLogsAndS3",
            "PolicyDocument": {
              "Version": "2012-10-17",
              "Statement": [
                {
                  "Effect": "Allow",
                  "Action": [
                    "logs:CreateLogGroup",
                    "logs:CreateLogStream",
                    "logs:PutLogEvents",
                    "logs:DescribeLogStreams"
                  ],
                  "Resource": [
                    "arn:aws:logs:*:*:*"
                  ]
                },
                {
                  "Effect": "Allow",
                  "Action": [
                    "s3:*"
                  ],
                  "Resource": [
                    "*"
                  ]
                }
              ]
            }
          }
        ]
      }
    },
    "DeploymentLambda": {
      "Type": "AWS::Lambda::Function",
      "Properties": {
        "Role": {
          "Fn::GetAtt": [
            "DeploymentLambdaRole",
            "Arn"
          ]
        },
        "Handler": "bucketexists.handler",
        "Runtime": "nodejs4.3",
        "Code": {
          "S3Bucket": "xxxxxxxx",
          "S3Key": "bucketcondition.zip"
        }
      }
    },
    "BucketExists": {
      "Type": "Custom::BucketExists",
      "Properties": {
        "ServiceToken": {
          "Fn::GetAtt": [
            "DeploymentLambda",
            "Arn"
          ]
        },
        "Bucket": {
          "Ref": "BucketName"
        }
      }
    }
  },
  "Outputs" : {
    "BucketExistsValue" : {
      "Description": "The Value of custom bucket lambda",
      "Value" : { "Fn::GetAtt" : [ "BucketExists", "Output" ]}
    }
  }
}
2. Stack for the S3 bucket
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Parameters": {
    "BucketExistsValue": {
      "Type": "String",
      "Description": "Return value of the Bucket."
    },
    "ProjectId": {
      "Type": "String",
      "Description": "Name of the Project."
    }
  },
  "Conditions" : {
    "BucketExistsOutput" : {"Fn::Equals" : [{ "Ref" :"BucketExistsValue" }, "False"]}
  },
  "Resources": {
    "S3BucketARN": {
      "Type" : "AWS::S3::Bucket",
      "Condition" : "BucketExistsOutput",
      "Properties" : {
        "BucketName" : { "Fn::Join": [
          "-",
          [
            "testpika",
            {
              "Ref": "ProjectId"
            },
            {
              "Ref": "AWS::Region"
            }
          ]
        ] }
      }
    }
  }
}
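Using CodePipeline
I created two actions in the deploy stage, 1 followed by 2 (i.e. 1->2). In the first stack, I store the output of the custom Lambda as key-value pairs in the output artifact; in the second stack, I use the output artifact to pass the custom Lambda's key-value pairs as input parameters.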
Thanks

I solved this by making the output of that resource conditional.
You can find an example in the examples in the official documentation:

It would be helpful to post the example directly in your answer :)

For anyone who does not want to use CodePipeline to achieve this, you should be able to accomplish the same thing using nested stacks. In the first template ("stack for custom lambda"), just create a Stack resource that uses the second template. Pass BucketExistsValue as a parameter to the child stack; no changes are needed in the second template. AWS documentation:
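
The nested-stack approach from the last answer, as an added example that is not part of the original posts: the two resources to change or add in the first template. The logical ID BucketStack and the TemplateURL value are placeholders, and the narrower S3 statement assumes the Lambda only checks bucket existence with HeadBucket (which needs s3:ListBucket), replacing the s3:* on * granted by the posted role.

```json
{
  "Resources": {
    "DeploymentLambdaRole": {
      "Type": "AWS::IAM::Role",
      "Metadata": { "Comment": "Added example; assumes the handler only calls HeadBucket on BucketName" },
      "Properties": {
        "AssumeRolePolicyDocument": {
          "Version": "2012-10-17",
          "Statement": [
            { "Effect": "Allow", "Principal": { "Service": ["lambda.amazonaws.com"] }, "Action": ["sts:AssumeRole"] }
          ]
        },
        "Path": "/",
        "Policies": [
          {
            "PolicyName": "PermissionsToLogsAndS3",
            "PolicyDocument": {
              "Version": "2012-10-17",
              "Statement": [
                {
                  "Effect": "Allow",
                  "Action": ["logs:CreateLogGroup", "logs:CreateLogStream", "logs:PutLogEvents", "logs:DescribeLogStreams"],
                  "Resource": ["arn:aws:logs:*:*:*"]
                },
                {
                  "Effect": "Allow",
                  "Action": ["s3:ListBucket"],
                  "Resource": [{ "Fn::Join": ["", ["arn:aws:s3:::", { "Ref": "BucketName" }]] }]
                }
              ]
            }
          }
        ]
      }
    },
    "BucketStack": {
      "Type": "AWS::CloudFormation::Stack",
      "Metadata": { "Comment": "Added example; TemplateURL is a placeholder for the uploaded second template" },
      "Properties": {
        "TemplateURL": "https://s3.amazonaws.com/EXAMPLE-TEMPLATE-BUCKET/s3-bucket-stack.json",
        "Parameters": {
          "BucketExistsValue": { "Fn::GetAtt": ["BucketExists", "Output"] },
          "ProjectId": { "Ref": "ProjectId" }
        }
      }
    }
  }
}
```

DeploymentLambda and BucketExists stay as posted; the Fn::GetAtt reference makes CloudFormation create BucketStack only after BucketExists has returned its Output.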