问题描述
我有一个嵌套的 CloudFormation 模板,它接受来自其根模板的许多参数来配置它.目前我只传递简单的字符串参数,但现在我需要将 S3 存储桶 ARN 列表传递到子模板.
I've got a nested CloudFormation template which accepts a number of parameters from its root template to configure it. At the moment I'm only passing simple string parameters but now I need to pass a list of S3 bucket ARNs onto the child template.
ChildLambdaStack:
Type: AWS::CloudFormation::Stack
Properties:
Parameters:
AwsRegion: !Ref AwsRegion
Environment: !Ref Environment
Product: !Ref Product
S3Buckets: "arn:aws:s3:::bucket1,arn:aws:s3:::bucket2"
TemplateURL: "https://s3.amazonaws.com/child-template.yml"
然后在子模板中我有这个
And then in the child template I have this
AWSTemplateFormatVersion: "2010-09-09"
Description: "Child Lambda"
Parameters:
AwsRegion:
Type: String
Environment:
Type: String
Product:
Type: String
S3Buckets:
Type: String
Resources:
DeployerPolicy:
Type: AWS::IAM::ManagedPolicy
Properties:
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Action:
- s3:PutObject
- s3:GetObject
- s3:DeleteObject
- s3:CreateBucket
- s3:DeleteBucket
- s3:ListBucket
- s3:PutBucketNotification
Resource:
- Fn::Split:
- ","
- !Ref S3Buckets
我的想法是,我输入的 S3 存储桶 ARN 列表在子模板中展开,如下所示
My idea is that that list of S3 bucket ARNs that I'm inputting is expanded in the child template like this
Resource:
- arn:aws:s3:::bucket1
- arn:aws:s3:::bucket2
但是当我运行模板时,它只是出错
But when I run the template in, it just errors out
Syntax errors in policy. (Service: AmazonIdentityManagement; Status Code: 400; Error Code: MalformedPolicyDocument)
我尝试了其他变体,例如使用 CommaDelimitedList 参数类型,但都不起作用.有没有一种简单的方法可以将字符串列表作为参数传入?
I've tried other variations like using a CommaDelimitedList parameter type, but none work. Is there a simple way to pass in a list of strings as a parameter?
推荐答案
因为 !Split 的返回值是 一个字符串值列表. 我会在方法如下:
Because the return value of !Split is A list of string values. I would do it in the following way:
[...]
Resource: !Split [",", !Ref S3Buckets]
[...]
这篇关于如何在 CloudFormation 中将字符串列表作为参数传递?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!