kandi X-RAY | cloudformation Summary
kandi X-RAY | cloudformation Summary
Top functions reviewed by kandi - BETA
- Creates a new stack
- Waits for a stack to complete
- Converts an input stream to a single string
- Delete the given stack
- Test to see if a stack is created
cloudformation Key Features
cloudformation Examples and Code Snippets
Trending Discussions on cloudformation
I am trying to install MongoDB from a script in a EC2 from AWS CloudFormation. I want the script to automatically run when the stack is created from the template.
On line 303 of this template by Amazon you can see they do this
However, I am confused on the use of the backslash at every line. What format is needed to put a bash script into a AWS template so it runs on startup?...
ANSWERAnswered 2022-Mar-16 at 04:50
This is called a userdata and in CloudFormation (CFN) it can be specified in multiple ways. The template in the link also use cfn-ini thus it has those "backslash". They are used to split a single line into multiple lines for readability.
Often the following form of user-data is enough which is easier to write and read:
Quote from the aws cdk docs:
If you need to use a pre-existing secret, the recommended way is to manually provision the secret in AWS SecretsManager and use the Secret.fromSecretArn or Secret.fromSecretAttributes method to make it available in your CDK Application
Why is that? Is it because it's not ideal to save the plain text secret into code?
Or we don't want the secret to appear in the cloudformation template?...
ANSWERAnswered 2022-Jan-25 at 16:41
It is highly encouraged to leave this field undefined and allow SecretsManager to create the secret value. The secret string -- if provided -- will be included in the output of the cdk as part of synthesis, and will appear in the CloudFormation template in the console. This can be secure(-ish) if that value is merely reference to another resource (or one of its attributes), but if the value is a plaintext string, it will be visible to anyone with access to the CloudFormation template (via the AWS Console, SDKs, or CLI).
Our CDK code and generated templates are meant to be deterministic and version-controlled, further heightening the risk of leakage if plaintext secrets are used.
Edit: Per @gshpychka's comment, a safe alternative to importing with
Secret.fromSecretArn is to construct a new
Secret without a secret value. This creates a secret with a random password, which you change post-deploy in the Console. This approach helpfully ties the secret's lifecycle to the Stack and lets you set its properties in the context of the Stack.
I am trying to deploy a function and aws api gateway using cloudformation. In LambdaPermission resource there is a property which is SourceArn and it expects the ARN of the resource that will invoke the function, in this case it will be api gateway. Now ApiGateway resource does not provide the output value of arn. So my question is how we can access it?
here is the resource of Lambda Permission where I need to put the value in sourcearn....
ANSWERAnswered 2022-Jan-16 at 19:47
I'm learning SAM, and I created two projects.
The first one, example1, I created it from the AWS web console, by going to Lambda, Applications, and choosing this template:
After the wizard finishes creating the app, it looks like this:
I'm interested in the yellow-highlighted area because I don't understand it yet.
I tried to replicate this more or less manually by using
sam init and created example2. It's easy to look at the
template.yml it creates and see how the stuff in Resources are created, but how is the stuff in Infrastructure created.
When I deploy example2 with
sam deploy --guided, indeed there's nothing in Infrastructure:
Given example2, how should I go about creating the same infrastructure as example1 had out of the box (and then changing it, for example, I want several environments, prod, staging, etc). Is this point and click in the AWS console or can it be done with CloudFormation?
I tried adding a permission boundary to example2, on of the things example1 has in Infrastructure, I created the policy in IAM (manually, in the console), added it to the
template.yml, and deployed it but it didn't show up in "Infrastructure".
ANSWERAnswered 2021-Dec-15 at 15:33
If I understand correctly, you want to reproduce the deployment on the SAM app. If that's the case, there is an AWS sample that covers the same approach.
It seems you are using either CodeStar/CodeCommit/CodePipeline/CodeDeploy/Code... etc. from AWS to deploy your SAM application on
At deploy time, these resources under
infrastructure are created by the "Code" services family in order to authorize, instantiate, build, validate, store, and deploy your application to CloudFormation.
On the other hand, on
example2, whenever you build your project in your local machine, both instantiation, build, validation, storage (of the upload-able built artifacts) are leveraged by your own device, hence not needed be provisioned by AWS.
To shortly answer your question: No. Your can't recreate these infrastructure resources on your own. But again, you wouldn't need to do so while deploying outside of AWS' code services.
Im using Serverless Framework to deploy a Docker image running R to an AWS Lambda....
ANSWERAnswered 2021-Dec-15 at 23:26
The way your events.http is configured looks wrong. Try replacing it with:
I have to deploy one stack, let's call it the parent stack in one region Them a second stack(child) needs to be deployed, in another region. The region of the second stack(child stack) can not include the region where the parent was deployed. The second stack can be deployed in multiple regions.
However, the second stack needs props from the first stack. Specifically, it needs an ARN value. The default region is
us-east-1. That is where the parent stack will get deployed.
To solve this I attempted the following
1- First Attempt : Using cfnOutput
- Created a
cfnOutputin the parent and in the child I capture the value with
- RESULT: Got an error as cfnOutput can not be used between stacks on different regions as explained in CloudFormation User Guide
2- Second Attempt: Using StackProps
- Created an interface in the parent stack that inherit from StackProps, set a public property and put the ARN value there
from the lib/mystack file...
ANSWERAnswered 2021-Nov-27 at 11:00
Use a Parameter Store value with a CustomResource.
This answer has a full Typescript CDK example of cross-region refs.
(I originally posted this as a comment because I thought the question was perhaps a duplicate. But on reflection, I see that the linked question and tags only mention CloudFormation, not the CDK. Seems the community gets the most benefit from keeping this question alive).
I'm trying to create a statemachine with a BatchSubmitJob in AWS CDK with dynamic environment variables in the BatchContainerOverrides. I was thinking about something like this:...
ANSWERAnswered 2021-Nov-22 at 14:05
You can use the aws_cdk.aws_stepfunctions.JsonPath class:
So I'm trying to init an existing "react-ts" amplify project, which has about 8 services configured in it. When I run amplify push, everything seems to be good and successful except the following, which I get this error:...
ANSWERAnswered 2021-Oct-09 at 02:08
That specific message appears to be related to this GitHub issue on the CLI: https://github.com/aws-amplify/amplify-cli/issues/8363
We ran into the same issue today, and the below fixed it for us.
Solution copied here:
This issue is due to missing policy in the MFALambda role which was fixed in #7729. Could you try adding the following policy to your auth cloudformation and see if that fixes the issue. The part that you need to add is the policy with name corecocf3573d0_sns_pass_role_policy
I am trying to set-up a websocket gateway to a Lambda function in AWS. When I do this manually I can successfully deploy the websocket and try it out using
wscat. However I would like to build the architecture up using CloudFormation.
The structure of my CloudFormation yaml file looks like this:...
ANSWERAnswered 2021-Sep-27 at 11:02
I guess you need
AWS::Lambda::Permission resource, e.g.:
It only shows how to assign permission sets to already existing users. Also looking at the cloudformation documentation, it does not mention anything about users.
Is there a way to create aws sso users via cloudformation or cdk?...
ANSWERAnswered 2021-Aug-22 at 06:40
Sadly this is not yet supported. AWS docs say that in future such support should be added, at least to AWS API, which then you could use from custom resources in CloudFormation:
Future updates to AWS SSO Identity Store APIs, including additions for creation and modification of users and groups, will be documented in this reference as they are released.
No vulnerabilities reported
You can use cloudformation like any standard Java library. Please include the the jar files in your classpath. You can also use any IDE and you can run and debug the cloudformation component as you would do with any other Java program. Best practice is to use a build tool that supports dependency management such as Maven or Gradle. For Maven installation, please refer maven.apache.org. For Gradle installation, please refer gradle.org .
Reuse Trending Solutions
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page