Exporting outputs in CloudFormation using custom resources with Lambda
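I am running a CFN template that exports a Route 53 private hosted zone name using a custom resource. I am able to export the hostedzonename as required, but I am unable to import this hostedzonename into another stack.
I am getting this error:
Value of property HostedZoneName must be of type String
Any help is appreciated. Thank you.
Here is my code.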
AWSTemplateFormatVersion: 2010-09-09
Description: CloudFormation exports
Resources:
  # Execution role for the lookup function: CloudWatch Logs plus read-only Route 53
  LambdaExecutionRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - lambda.amazonaws.com
            Action:
              - sts:AssumeRole
      Path: "/"
      Policies:
        - PolicyName: root
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
              - Effect: Allow
                Action:
                  - "logs:CreateLogGroup"
                  - "logs:CreateLogStream"
                  - "logs:PutLogEvents"
                  - "route53:Get*"
                  - "route53:List*"
                  - "route53:TestDNSAnswer"
                Resource: "*"
  # Function backing the custom resource
  GetCertARN:
    Type: "AWS::Lambda::Function"
    DeletionPolicy: Delete
    DependsOn:
      - LambdaExecutionRole
    Properties:
      Handler: "index.handler"
      Role:
        Fn::GetAtt:
          - "LambdaExecutionRole"
          - "Arn"
      Runtime: "python3.7"
      MemorySize: 128
      Timeout: 100
      Code:
        ZipFile: |
          import boto3
          import botocore
          import cfnresponse
          route53 = boto3.client('route53')
          def handler(event, context):
              try:
                  hostedZoneName = ''
                  response2 = route53.list_hosted_zones()
                  f = response2['HostedZones']
                  # Keep the name of the last private zone containing 'abcxyz.cloud'
                  for zone in f:
                      config = zone["Config"]
                      name = zone["Name"]
                      e = config["PrivateZone"]
                      if ('abcxyz.cloud' in name) and e:
                          hostedZoneName = name
                  responseData = {}
                  responseData['hostedzonename'] = hostedZoneName
                  cfnresponse.send(event, context, cfnresponse.SUCCESS, responseData)
              except Exception as exc:
                  # Always answer CloudFormation, otherwise the stack waits for a timeout
                  cfnresponse.send(event, context, cfnresponse.FAILED, {'Error': str(exc)})
  # Custom resource that invokes the function; its response data is read with !GetAtt
  CertArnInvocation:
    Type: Custom::CertArn
    Properties:
      ServiceToken: !GetAtt GetCertARN.Arn
      Region: !Ref "AWS::Region"
Outputs:
  ExportsStackName:
    Value: !Ref 'AWS::StackName'
    Export:
      Name: !Sub '${AWS::StackName}'
  HostedZoneNameOutput:
    Value: !GetAtt CertArnInvocation.hostedzonename
    Description: Return Value of private hosted zone name
    Export:
      Name: !Sub 'nonProdHostedZoneName'
You are exporting HostedZoneNameOutput under the name nonProdHostedZoneName:
Export:
  Name: !Sub 'nonProdHostedZoneName'
But you are importing (not shown) a value named HostedZoneName.
Update based on comments (HostedZoneName is a list, not a string). Corrected version:
HostedZoneName: !ImportValue nonProdHostedZoneName
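An added example, not part of the original question or answer: the importing stack depends on the export being one predictable string, so this sketch tightens the zone lookup from the question's Lambda handler. It uses an exact name match instead of a substring test, reads all result pages, and reports FAILED unless exactly one private zone matches. The function names and the sample zones are assumptions made for illustration.

```python
# Added example. Zone dicts mirror entries of
# route53.list_hosted_zones()["HostedZones"]; SAMPLE_ZONES is constructed data.
SAMPLE_ZONES = [
    {"Name": "abcxyz.cloud.", "Config": {"PrivateZone": True}},
    {"Name": "abcxyz.cloud.", "Config": {"PrivateZone": False}},
    {"Name": "dev.abcxyz.cloud.", "Config": {"PrivateZone": True}},
]

def original_lookup(zones):
    """The question's logic: substring test, last private match wins."""
    found = ""
    for zone in zones:
        if "abcxyz.cloud" in zone["Name"] and zone["Config"]["PrivateZone"]:
            found = zone["Name"]
    return found

def normalize(name):
    """Lower-case a DNS name and drop the trailing dot Route 53 returns."""
    return name.rstrip(".").lower()

def select_private_zone(zones, wanted):
    """Return the name of the single private zone equal to `wanted`.

    Raises LookupError on zero or several matches, so nothing ambiguous
    or empty is ever exported.
    """
    target = normalize(wanted)
    matches = [z["Name"] for z in zones
               if z["Config"]["PrivateZone"] and normalize(z["Name"]) == target]
    if len(matches) != 1:
        raise LookupError(
            f"expected 1 private zone named {target!r}, found {len(matches)}")
    return matches[0]

def list_all_zones(route53):
    """Collect every page; a single list_hosted_zones call can be truncated."""
    zones = []
    for page in route53.get_paginator("list_hosted_zones").paginate():
        zones.extend(page["HostedZones"])
    return zones

def build_response(route53, wanted):
    """Return (status, data) to pass on to cfnresponse.send()."""
    try:
        name = select_private_zone(list_all_zones(route53), wanted)
        return "SUCCESS", {"hostedzonename": name}
    except Exception as exc:
        return "FAILED", {"Error": str(exc)}
```

In the handler, `route53` would be `boto3.client('route53')`, and the returned status and data go to `cfnresponse.send(event, context, status, data)`.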