By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Asking for a friend - Cloudformation Parameters - Default : If condition

0

Hello All,

I have a ci/cd with a multi account strategy and multi accounts - right now I am trying to pass parameters to a cloudformation template that will be choosing in between different parameters set depending if the branchname is test xxxx or dev xxxx

Please find sample below

############ VPC used depending on the Branchname ########################
  VpcA:
    Type: String
    Default: "vpc-redacteda"

  VpcB:
    Type: String
    Default: "vpc-redactedb"  
  
  VPCid:
    Type: String
    Description: VPC Used for the cluster position
    Default: !If [IsTest, !Ref VpcA, !Ref VpcB]

The error being returned is that every default member must be a string - is there a way around that ? perhaps using commadelimitedlist instead of string and passing the parameter in a single line.

There's no matching use case on github or other platform....

Help me awesome people

Topics
Networking & Content DeliveryManagement & GovernanceDevOps
Tags
Amazon VPCAWS CloudFormationDevOps
Language
English
Jeremy ANCELIN
asked 2 years ago768 views
3 Answers
0
Accepted Answer

The right way to do that is to have VPCId being an SSM parameter : https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-parameter.html

You will use !GetAtt Value to obtain its value: see final section of the above

Then you can drive its value with your !If statement to VpcA or VpcB by using the !If construct that you already have.

I am using this myself quite often

You may even go on a simpler path if you need VPCIOd only once. You can insert the condition directly at the place were you need id.

See https://blog.shikisoft.com/aws-cloudformation-no-value-pseudo-parameter/

SampleInstance:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t2.micro
      SubnetId: !Ref WebServerSubnet
      ImageId: !Ref ImageId
      SecurityGroupIds:
        - !If [ EnvironmentIsProduction, !Ref SecurityGroup, !Ref 'AWS::NoValue' ]
profile pictureAWS
EXPERT
Didier_Durand
answered 2 years ago
profile picture
EXPERT
Adeleke Adebowale Julius
reviewed 7 months ago
0

Unfortunately decided against using the SSM Parameters route. However I have found you can get the effect I was looking for without.

So to Address that point I have added all the parameters bunch that I needed in Mappings. Those mappings can be addressed afterwards within the same cloudformation template

          ExecutionRoleArn: 
            !If [BranchNameEqualsTest,
              !FindInMap [BranchParameters, test, 'ClusterTaskRole'], 
              !FindInMap [BranchParameters, dev, 'ClusterTaskRole']]
Jeremy ANCELIN
answered 2 years ago
  • Didier_Durand EXPERT
    2 years ago

    Happy that you found the right solution for your use case. Thanks for having accepted my answer

0

You may be able to use the PyPlate example Macro - see https://github.com/awslabs/aws-cloudformation-templates/blob/master/aws/services/CloudFormation/MacrosExamples/PyPlate/README.md.

I haven't in any way tested this code, but once you make the PyPlate macro available, you could use something roughly like:

Transform: [PyPlate]
Parameters:
  VpcA:
    Type: String
    Default: "vpc-redacteda"

  VpcB:
    Type: String
    Default: "vpc-redactedb"  
  
  VPCid:
    Type: String
    Description: VPC Used for the cluster position
    Default: |
      #!PyPlate
      isTest = ... (Get this from "params" dict or a condition in the "template" dict - not clear to me where you're getting this from)
      output = params[VPCid]
      if not output.startswith('vpc-'):
        output = params[VpcA] if isTest else params[VpcB]
EXPERT
Steve Kinsman
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content