堆栈内存溢出
  简体   繁体   English

在 Cloudformation 模板中引用动态角色名称

[英]Reference a dynamic role name in a Cloudformation template

 原文  2021-03-09 07:00:33       amazon-web-services/ amazon-ec2/ amazon-cloudformation/ amazon-iam/ iaas

问题描述

In one Cloudformation template I create the following role:在一个 Cloudformation 模板中,我创建了以下角色:

  CRMPiccoRole:
    Type: 'AWS::IAM::Role'
    Properties:
      RoleName: !Sub 'crm-${Environment}-register'

In another Cloudformation template for an EC2 instance I am attempting to attach that role to my EC2 instance, however I am unsure how to reference a dynamic role name.在 EC2 实例的另一个 Cloudformation 模板中,我尝试将该角色附加到我的 EC2 实例,但是我不确定如何引用动态角色名称。

Resources:
  InstanceProfile:
    Type: 'AWS::IAM::InstanceProfile'
    Properties:
      Path: /
      Roles:
        - !Ref 'crm-${Environment}-register'

Can this be done?这可以做到吗?

When I attempt to validate the template I get an error:当我尝试验证模板时出现错误:

An error occurred (ValidationError) when calling the ValidateTemplate operation: Template format error: Unresolved resource dependencies [crm-${Environment}-register] in the Resources block of the template调用ValidateTemplate操作时发生错误(ValidationError): Template format error: Unresolved resource dependencies [crm-${Environment}-register] 在模板的Resources块中

1 个解决方案

解决方案1
 2 已采纳  2021-03-09 07:08:24

Ref does not work across stacks. Ref不能跨堆栈工作。 Assuming you are using same account and region , instead you have to use Export and ImporValue functions.假设您使用相同的 account 和 region ,则必须使用ExportImporValue函数。

So in your first stack you would have:因此,在您的第一个堆栈中,您将拥有:

  CRMPiccoRole:
    Type: 'AWS::IAM::Role'
    Properties:
      RoleName: !Sub 'crm-${Environment}-register'

Outputs:

   MyCRMPiccoRole:
     Value: !Ref CRMPiccoRole
     Export:
        Name: !Sub 'crm-${Environment}-register'

In the second stack :第二个堆栈中:

Resources:
  InstanceProfile:
    Type: 'AWS::IAM::InstanceProfile'
    Properties:
      Path: /
      Roles:
        - Fn::ImportValue:
            !Sub 'crm-${Environment}-register'

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在我的新 CloudFormation 模板中引用现有角色? - How can I reference an existing role in my new CloudFormation template? 如何在Cloudformation模板中指定Lambda函数和IAM角色名称 - How to specify lambda function and IAM role name in cloudformation template CloudFormation模板中的未解决的参数存储SecureString动态参考 - Unresolved Parameter Store SecureString dynamic reference in CloudFormation template 解决EC2用户数据云形式模板中的动态参考 - Resolving dynamic reference in EC2 user data cloudformation template Cloudformation模板为SQS创建角色 - Cloudformation template to create a role for SQS 在 CloudFormation 模板中使用现有角色 - Using Existing Role in CloudFormation Template 如何在新的 Cloudformation 模板中引用 Cloudformation 资源? - How to reference Cloudformation Ressources in a new Cloudformation template? 在aws cloudformation模板中引用“Self”? - Reference “Self” in aws cloudformation template? AWS Cloudformation:模板验证错误角色和策略 - AWS Cloudformation:Template validation error Role and policy 在 cloudformation 模板中导出密钥名称 - Export secret name in cloudformation template
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM