如何在 Cloudformation 中使用嵌套列表或附加到列表?
How do I use nested lists or append to a list in Cloudformation?
我想为该资源提供 2 个存在于堆栈之外的安全组,外加一个作为堆栈的一部分创建的...
我已尝试以下操作并收到错误:
Value of property SecurityGroups must be of type List of String
SecurityGroups:
- !FindInMap [ envMap, !Ref env, securityGroups ]
- !GetAtt SG.GroupId
供参考,这是我的地图
Mappings:
envMap:
qa:
"securityGroups":
- sg-xxxxxxxx
- sg-yyyyyyyy
这是资源
LoadBalancer:
Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer'
Properties:
Name: !Join
- '-'
- - 'OR'
- 'ALB'
- !Ref env
Scheme: internal
SecurityGroups: !FindInMap [ envMap, !Ref env, securityGroups ]
Subnets: !FindInMap [ envMap, !Ref env, subnets ]
Type: application
IpAddressType: ipv4
编辑:这是我的固定代码
"securityGroups": 'sg-xxxxxx,sg-yyyyyy'
LoadBalancer:
Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer'
Properties:
Name: !Join
- '-'
- - !Ref appname
- 'ALB2'
- !Ref env
Scheme: !FindInMap [ envMap, !Ref env, inorex ]
SecurityGroups: !Split
- ','
- !Join
- ','
- - !Ref SG
- !FindInMap [ envMap, !Ref env, securityGroups ]
Subnets: !FindInMap [ envMap, !Ref env, exsubnets ]
Type: application
IpAddressType: ipv4`
为了向 Fn::FindInMap 函数提供的字符串值列表添加额外的安全组,我们需要使用 Fn::FindInMap 的 return 值构造一个新的字符串值列表] 并使用 Fn::Sub 函数添加额外的安全组。
Parameters:
env:
Default: qa
Type: String
Mappings:
envMap:
qa:
securityGroups: 'sg-xxxxxxxx,sg-xxxxxxxx'
sub:
subnets: 'subnet-xxxxxxxx,subnet-xxxxxxxx'
Resources:
LoadBalancer:
Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer'
Properties:
Name: !Join
- '-'
- - OR
- ALB
- !Ref env
Scheme: internal
SecurityGroups: !Split
- ','
- !Sub
- 'sg-xxxxxxx,${mappedGroup}'
- mappedGroup: !FindInMap
- envMap
- !Ref env
- securityGroups
Subnets: !Split
- ','
- !FindInMap
- envMap
- sub
- subnets
Type: application
IpAddressType: ipv4
``
我想为该资源提供 2 个存在于堆栈之外的安全组,外加一个作为堆栈的一部分创建的...
我已尝试以下操作并收到错误:
Value of property SecurityGroups must be of type List of String
SecurityGroups:
- !FindInMap [ envMap, !Ref env, securityGroups ]
- !GetAtt SG.GroupId
供参考,这是我的地图
Mappings:
envMap:
qa:
"securityGroups":
- sg-xxxxxxxx
- sg-yyyyyyyy
这是资源
LoadBalancer:
Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer'
Properties:
Name: !Join
- '-'
- - 'OR'
- 'ALB'
- !Ref env
Scheme: internal
SecurityGroups: !FindInMap [ envMap, !Ref env, securityGroups ]
Subnets: !FindInMap [ envMap, !Ref env, subnets ]
Type: application
IpAddressType: ipv4
编辑:这是我的固定代码
"securityGroups": 'sg-xxxxxx,sg-yyyyyy'
LoadBalancer:
Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer'
Properties:
Name: !Join
- '-'
- - !Ref appname
- 'ALB2'
- !Ref env
Scheme: !FindInMap [ envMap, !Ref env, inorex ]
SecurityGroups: !Split
- ','
- !Join
- ','
- - !Ref SG
- !FindInMap [ envMap, !Ref env, securityGroups ]
Subnets: !FindInMap [ envMap, !Ref env, exsubnets ]
Type: application
IpAddressType: ipv4`
为了向 Fn::FindInMap 函数提供的字符串值列表添加额外的安全组,我们需要使用 Fn::FindInMap 的 return 值构造一个新的字符串值列表] 并使用 Fn::Sub 函数添加额外的安全组。
Parameters:
env:
Default: qa
Type: String
Mappings:
envMap:
qa:
securityGroups: 'sg-xxxxxxxx,sg-xxxxxxxx'
sub:
subnets: 'subnet-xxxxxxxx,subnet-xxxxxxxx'
Resources:
LoadBalancer:
Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer'
Properties:
Name: !Join
- '-'
- - OR
- ALB
- !Ref env
Scheme: internal
SecurityGroups: !Split
- ','
- !Sub
- 'sg-xxxxxxx,${mappedGroup}'
- mappedGroup: !FindInMap
- envMap
- !Ref env
- securityGroups
Subnets: !Split
- ','
- !FindInMap
- envMap
- sub
- subnets
Type: application
IpAddressType: ipv4
``