How to pass public key from parameter file in cloudformation template?
I have defined the following CloudFormation template, where I want to pass a public key from a parameter file. The 'MyPublicKey' variable is of string type. I refer to this variable by using
EncodedKey: !Ref MyPublicKey
under PublicKeyConfig as seen below.
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  MyPublicKey:
    Type: String
    Description: 'Public key for some purpose'
    NoEcho: true
Resources:
  CloudfrontPublicKey:
    Type: AWS::CloudFront::PublicKey
    Properties:
      PublicKeyConfig:
        CallerReference: 'some-caller-reference'
        Comment: 'Public key for signed url'
        Name: 'cloudfront-public-key'
        EncodedKey: !Ref MyPublicKey
...
The parameter.json file looks something like this. The public key was multi-line in the original .pem file, but I have added a newline character '\n' in the string wherever there is a line break.
[
  {
    "ParameterKey": "MyPublicKey",
    "ParameterValue": "-----BEGIN PUBLIC KEY-----\naaaa\nbbbb\n-----END PUBLIC KEY-----"
  }
]
When trying to update the stack, I get the following error:
Invalid request provided: AWS::CloudFront::PublicKey
It does not seem to be able to import the public key.
Based on comments, an extra \n char was needed when passing the value, and Ref should be replaced with the Sub function for placing the string.
Resources:
  CloudfrontPublicKey:
    Type: AWS::CloudFront::PublicKey
    Properties:
      PublicKeyConfig:
        CallerReference: 'some-caller-reference'
        Comment: 'Public key for signed url'
        Name: 'cloudfront-public-key'
        EncodedKey: !Sub "${MyPublicKey}"
Below is the inline key example:
Generate keys:
openssl genrsa -out private_key.pem 2048
openssl rsa -pubout -in private_key.pem -out public_key.pem
CloudFormation template:
AWSTemplateFormatVersion: "2010-09-09"
Resources:
  CloudfrontPublicKey:
    Type: AWS::CloudFront::PublicKey
    Properties:
      PublicKeyConfig:
        CallerReference: 'some-caller-reference'
        Comment: 'Public key for signed url'
        Name: 'cloudfront-public-key'
        EncodedKey: |
          -----BEGIN PUBLIC KEY-----
          MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsG0grTw5uHbO4CkFVyqN
          lKLGd9ZJrj6l68QU20SzrF7jgQtzE7VKfHxWfzE5FDKF1qKVLT0mURjlRfRPUXaT
          sZYsnKv+cTYkraewdLqbVuN7JII2D/cEXTYRn7849kGKycl3YMXeJeBStbLSPWfh
          MNJZnlFnEX6DkYtwk0Ae0bQ3WT1Be/Xhe4pqSQsnU+InSDkIfA+4UTRLa0kTCgON
          8BjcNloJE3NbLYshQPconb8pA+3jjkMF0QAH6rtc452G7CuS3KBfVQwWUeWE77kK
          wQQir6YFvKP3pG8Ls55FxXBTCCNJl5LZcHt1D0cZmuoSLJj2mVzJgKGyLTdoIwAW
          6QIDAQAB
          -----END PUBLIC KEY-----
Listing keys:
aws cloudfront list-public-keys | jq '.PublicKeyList.Items[1]'
Output:
{
  "Id": "08ZCTRKADSADASDAS",
  "Name": "cloudfront-public-key",
  "CreatedTime": "2021-02-27T10:25:43.076Z",
  "EncodedKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsG0grTw5uHbO4CkFVyqN\nlKLGd9ZJrj6l68QU20SzrF7jgQtzE7VKfHxWfzE5FDKF1qKVLT0mURjlRfRPUXaT\nsZYsnKv+cTYkraewdLqbVuN7JII2D/cEXTYRn7849kGKycl3YMXeJeBStbLSPWfh\nMNJZnlFnEX6DkYtwk0Ae0bQ3WT1Be/Xhe4pqSQsnU+InSDkIfA+4UTRLa0kTCgON\n8BjcNloJE3NbLYscZmuoSLJj2mVzJgKGyLTdoIwAW\n6QIDAQAB\n-----END PUBLIC KEY-----\n",
  "Comment": "Public key for signed url"
}
Public key creation in AWS cloudformation giving following error: Invalid request provided: AWS::CloudFront::PublicKey already answered.
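An added example, not part of the original question or answer: one way to generate the parameter file from the PEM so that the trailing newline the answer calls for is always present and the `\n` escapes are produced by the JSON encoder rather than by hand. The function names and the `SAMPLE` value are assumptions made for this illustration.

```python
import base64
import json
import re

# A PEM "PUBLIC KEY" block with LF line endings and one trailing newline.
PEM_RE = re.compile(
    r"\A-----BEGIN PUBLIC KEY-----\n(?P<body>[A-Za-z0-9+/=\n]+)"
    r"\n-----END PUBLIC KEY-----\n\Z"
)


def normalize_pem(pem_text: str) -> str:
    """Return the PEM with LF line endings and exactly one trailing newline."""
    text = pem_text.replace("\r\n", "\n").replace("\r", "\n").strip() + "\n"
    match = PEM_RE.match(text)
    if match is None:
        raise ValueError("not a PEM 'PUBLIC KEY' block")
    # The body must be valid base64 once the line breaks are removed.
    base64.b64decode(match.group("body").replace("\n", ""), validate=True)
    return text


def build_parameters(pem_text: str, key: str = "MyPublicKey") -> str:
    """Render the CloudFormation parameter file as JSON text."""
    params = [{"ParameterKey": key, "ParameterValue": normalize_pem(pem_text)}]
    # json.dumps escapes every line break as \n, including the final one.
    return json.dumps(params, indent=2)


# Constructed sample: the placeholder key from the question, with CRLF line
# endings and no trailing newline (the form that was rejected).
SAMPLE = "-----BEGIN PUBLIC KEY-----\r\naaaa\r\nbbbb\r\n-----END PUBLIC KEY-----"

if __name__ == "__main__":
    print(build_parameters(SAMPLE))
```

With a real key, read `public_key.pem` as text and write the result of `build_parameters` to `parameter.json`.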