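I'm fairly new to the CloudFormation process and I'm making some progress now, but I'd like to base my mappings on an environment parameter and the region, and I was thinking of: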
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "Basic stack",
  "Parameters": {
    "EnvironmentType": {
      "Description": "Production or Development environment",
      "Type": "String",
      "AllowedValues": ["Prod", "Dev"],
      "ConstraintDescription": "Must be an allowed value"
    }
  },
  "Mappings": {
    "VPC": {
      "Prod": {
        "us-east-1" : "vpc-12345678",
        "eu-central-1" : "vpc-abcdefgh",
        "ap-southeast-1" : "vpc-abcd1234"
      },
      "Dev": { "us-east-1" : "vpc-1234efgh" }
    }
  },
  "Resources": {
    "ApplicationSecurityGroup": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {
        "VpcId": {
          "Fn::FindInMap" : [
            "VPC",
            { "Ref" : "EnvironmentType" },
            { "Ref": "AWS::Region" }
          ]
        },
        "SecurityGroupEgress": [
          {
            "IpProtocol": "tcp",
            "FromPort": "80",
            "ToPort": "80",
            "CidrIp": "0.0.0.0/0"
          },
          {
            "IpProtocol": "tcp",
            "FromPort": "443",
            "ToPort": "443",
            "CidrIp": "0.0.0.0/0"
          }
        ]
      }
    }
  }
}
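However, when I try this, I get the template format error "Mappings attribute name 'us-east-1' must contain only alphanumeric characters."
How can I select the correct VPC ID based on the environment and the region?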
Best answer
Try reversing the two mapping levels passed to Fn::FindInMap (AWS::Region followed by EnvironmentType):
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "Basic stack",
  "Parameters": {
    "EnvironmentType": {
      "Description": "Production or Development environment",
      "Type": "String",
      "AllowedValues": ["Prod", "Dev"],
      "ConstraintDescription": "Must be an allowed value"
    }
  },
  "Mappings": {
    "VPC": {
      "us-east-1": {
        "Prod": "vpc-12345678",
        "Dev": "vpc-1234efgh"
      },
      "eu-central-1": {
        "Prod": "vpc-abcdefgh"
      },
      "ap-southeast-1": {
        "Prod": "vpc-abcd1234"
      }
    }
  },
  "Resources": {
    "ApplicationSecurityGroup": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {
        "VpcId": {
          "Fn::FindInMap" : [
            "VPC",
            { "Ref": "AWS::Region" },
            { "Ref" : "EnvironmentType" }
          ]
        },
        "SecurityGroupEgress": [
          {
            "IpProtocol": "tcp",
            "FromPort": "80",
            "ToPort": "80",
            "CidrIp": "0.0.0.0/0"
          },
          {
            "IpProtocol": "tcp",
            "FromPort": "443",
            "ToPort": "443",
            "CidrIp": "0.0.0.0/0"
          }
        ]
      }
    }
  }
}
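An added example, not part of the original question or answer: a small Python pre-deployment check that applies the rule from the error message quoted in the question (second-level mapping keys must be alphanumeric) and also verifies that every Fn::FindInMap lookup has a value for each region and allowed parameter value. The function names, the region list and the trimmed sample templates are assumptions constructed from the two templates on this page.

```python
import re

ALNUM = re.compile(r"[A-Za-z0-9]+")
REGIONS = ["us-east-1", "eu-central-1", "ap-southeast-1"]  # assumed deploy targets

def find_lookups(node):
    """Yield the argument list of every Fn::FindInMap under node."""
    if isinstance(node, dict) and "Fn::FindInMap" in node:
        yield node["Fn::FindInMap"]
    children = node.values() if isinstance(node, dict) else node if isinstance(node, list) else []
    for child in children:
        yield from find_lookups(child)

def candidates(arg, template, regions):
    """Values one FindInMap key argument can take at deploy time."""
    if isinstance(arg, dict) and "Ref" in arg:
        allowed = template["Parameters"].get(arg["Ref"], {}).get("AllowedValues", [])
        return regions if arg["Ref"] == "AWS::Region" else allowed
    return [arg]  # literal key

def lint_mappings(template, regions=REGIONS):
    """Return findings: invalid second-level keys and lookups with no value."""
    findings, mappings = [], template.get("Mappings", {})
    for name, top in mappings.items():
        for top_key, second in top.items():
            bad = [k for k in second if not ALNUM.fullmatch(k)]  # rule from the quoted error
            findings += [f"{name}.{top_key}: key '{k}' is not alphanumeric" for k in bad]
    for map_name, first, second in find_lookups(template.get("Resources", {})):
        for a in candidates(first, template, regions):
            for b in candidates(second, template, regions):
                if b not in mappings.get(map_name, {}).get(a, {}):
                    findings.append(f"{map_name}: no value for [{a}][{b}]")
    return findings

def sample(vpc_map, key_order):
    """Trimmed copy of the page's template (constructed sample input)."""
    lookup = {"Fn::FindInMap": ["VPC"] + [{"Ref": k} for k in key_order]}
    return {"Parameters": {"EnvironmentType": {"Type": "String", "AllowedValues": ["Prod", "Dev"]}},
            "Mappings": {"VPC": vpc_map},
            "Resources": {"ApplicationSecurityGroup": {"Properties": {"VpcId": lookup}}}}

QUESTION = sample({"Prod": {"us-east-1": "vpc-12345678", "eu-central-1": "vpc-abcdefgh",
                            "ap-southeast-1": "vpc-abcd1234"},
                   "Dev": {"us-east-1": "vpc-1234efgh"}}, ["EnvironmentType", "AWS::Region"])
ANSWER = sample({"us-east-1": {"Prod": "vpc-12345678", "Dev": "vpc-1234efgh"},
                 "eu-central-1": {"Prod": "vpc-abcdefgh"},
                 "ap-southeast-1": {"Prod": "vpc-abcd1234"}}, ["AWS::Region", "EnvironmentType"])
for label, tpl in (("question", QUESTION), ("answer", ANSWER)):
    print(label, *lint_mappings(tpl), sep="\n  ")
```

For the reversed layout the key check passes, and the remaining findings are the Dev entries that the mapping does not define for eu-central-1 and ap-southeast-1.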
Regarding amazon-web-services - AWS CloudFormation mapping different environments across regions, we found a similar question on Stack Overflow: https://stackoverflow.com/questions/42031891/