AWS CloudFormation 在区域之间映射不同的环境

AWS CloudFormation mapping different environments between regions

我对 CloudFormation 还比较陌生,目前已经有了一些进展,但我希望让映射同时取决于环境参数和区域,我设想的模板大致如下:

{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "Basic stack",
  "Parameters": {

    "EnvironmentType": {
      "Description": "Production or Development environment",
      "Type": "String",
      "AllowedValues": ["Prod", "Dev"],
      "ConstraintDescription": "Must be an allowed value"
    }
  },

  "Mappings":{
    "VPC": {
      "Prod": { 
        "us-east-1" : "vpc-12345678", 
        "eu-central-1" : "vpc-abcdefgh", 
        "ap-southeast-1" : "vpc-abcd1234" 
      },
      "Dev": { "us-east-1" : "vpc-1234efgh" }
    }
  },

  "Resources": {
    "ApplicationSecurityGroup": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {
        "VpcId": { 
          "Fn::FindInMap" : [ 
            "VPC", 
              { "Ref" : "EnvironmentType" }, 
              { "Ref": "AWS::Region" } 
           ] 
        },
        "SecurityGroupEgress": [
          {
            "IpProtocol": "tcp",
            "FromPort": "80",
            "ToPort": "80",
            "CidrIp": "0.0.0.0/0"
          },
          {
            "IpProtocol": "tcp",
            "FromPort": "443",
            "ToPort": "443",
            "CidrIp": "0.0.0.0/0"
          }
        ]
      }
    }
  }
}

然而,当我尝试这样做时,出现模板格式错误“映射属性名称 'us-east-1' 必须仅包含字母数字字符。”

如何让模板根据环境和区域选出正确的 VPC ID?

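报错的原因是:映射的第二层键(即错误信息中的“映射属性名称”)只能包含字母数字字符,而区域名称带有连字符;第一层键可以包含连字符,常见的按区域映射就是这样写的。注意,映射中没有列出的组合(例如在 eu-central-1 选择 Dev)仍会导致 Fn::FindInMap 查找失败。因此,尝试反转传递给 Fn::FindInMap 的两个映射层(AWS::Region 在前,EnvironmentType 在后),并相应调整 Mappings 的结构: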

{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "Basic stack",
  "Parameters": {

    "EnvironmentType": {
      "Description": "Production or Development environment",
      "Type": "String",
      "AllowedValues": ["Prod", "Dev"],
      "ConstraintDescription": "Must be an allowed value"
    }
  },

  "Mappings":{
    "VPC": {
      "us-east-1": {
        "Prod": "vpc-12345678",
        "Dev": "vpc-1234efgh"
      },
      "eu-central-1": {
        "Prod": "vpc-abcdefgh"
      },
      "ap-southeast-1": {
        "Prod": "vpc-abcd1234"
      }
    }
  },

  "Resources": {
    "ApplicationSecurityGroup": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {
        "VpcId": {
          "Fn::FindInMap" : [
            "VPC",
            { "Ref": "AWS::Region" },
            { "Ref" : "EnvironmentType" }
          ]
        },
        "SecurityGroupEgress": [
          {
            "IpProtocol": "tcp",
            "FromPort": "80",
            "ToPort": "80",
            "CidrIp": "0.0.0.0/0"
          },
          {
            "IpProtocol": "tcp",
            "FromPort": "443",
            "ToPort": "443",
            "CidrIp": "0.0.0.0/0"
          }
        ]
      }
    }
  }
}