amazon-cloudformation

问题 I would like to use CloudFormer in an automated way to generate templates of existing resources in my VPC. I can create the cloudformer instance using Ruby SDK CloudFormation::Client.create_stack() and tear it down using CloudFormation::Client.delete_stack() - but while it's running, I can't figure out how to talk to it to ask it to generate cloudformation templates for resources. I envision doing something like: for every SecurityGroup in VPC: ask CloudFormer to generate a cloudformation

问题 I would like to use CloudFormer in an automated way to generate templates of existing resources in my VPC. I can create the cloudformer instance using Ruby SDK CloudFormation::Client.create_stack() and tear it down using CloudFormation::Client.delete_stack() - but while it's running, I can't figure out how to talk to it to ask it to generate cloudformation templates for resources. I envision doing something like: for every SecurityGroup in VPC: ask CloudFormer to generate a cloudformation

问题 I am trying to write Cloudformation template to get a aws Global Aurora Database. However I am not able to figure out where and how to add the Global database identifier. Can someone help Cloudformation snippet? below is my code: Description: RDS Aurora MySQL cluster. Parameters: DatabaseName: Default: "testglobalaurora" Description: The database name Type: String DatabaseInstanceType: Default: db.r4.large AllowedValues: - db.r4.large - db.r4.xlarge - db.r4.2xlarge - db.r4.4xlarge - db.r4

问题 When I deploy using cloudformation aws cloudformation deploy --region $region --stack-name ABC Got error: An error occurred (ValidationError) when calling the CreateChangeSet operation: Stack:arn:aws:cloudformation:stack/service/7e1d8c70-d60f-11e9-9728-0a4501e4ce4c is in ROLLBACK_COMPLETE state and can not be updated. Please help me ! 回答1: This happens when stack creation fails. The stack will remain in place with a status of ROLLBACK_COMPLETE (unless you've specified that it shouldn't be

问题 I am trying to add some simple bash commands in my userdata but it looks like they do not run? AWSTemplateFormatVersion: '2010-09-09' Resources: RHELInstance: Type: AWS::EC2::Instance Properties: IamInstanceProfile: Super-Agent ImageId: ami-26ebbc5c KeyName: Super-Agent InstanceType: m4.large SecurityGroupIds: - sg-XXXXXX SubnetId: subnet-XXXXXXX BlockDeviceMappings: - DeviceName: "/dev/sda1" Ebs: VolumeSize: 24 VolumeType: gp2 UserData: Fn::Base64: !Sub | #!/bin/bash -xe yum update -y cd

问题 I'm about to rewrite a lot of my aws deployment code to launch everything with cloudformation controlled by boto, instead of bringing up each element on its own with boto. Does anyone know if its "best practice" to use one giant template file, which kicks everything off together, or a lot of smaller ones? The advantage of one giant one seems to be that AWS handles all the dependancies for you so will bring things up slightly faster. The clear disadvantage is that it seems like a nightmare to

问题 I'm about to rewrite a lot of my aws deployment code to launch everything with cloudformation controlled by boto, instead of bringing up each element on its own with boto. Does anyone know if its "best practice" to use one giant template file, which kicks everything off together, or a lot of smaller ones? The advantage of one giant one seems to be that AWS handles all the dependancies for you so will bring things up slightly faster. The clear disadvantage is that it seems like a nightmare to

问题 I am writing a cloud formation template and the creation of a resource in my stack it depends on the environment. Therefore, I check the value of a parameter (Environment), and based on it I create that resource (Condition: ISProduction). However, my problem is that in case that resource is created (MyProductionResource) another resource (AnotherResource) becomes dependent on it and needs to use an output attribute from the other (MyProductionResource). Here the code: Conditions: ISProduction

问题 I am writing a cloud formation template and the creation of a resource in my stack it depends on the environment. Therefore, I check the value of a parameter (Environment), and based on it I create that resource (Condition: ISProduction). However, my problem is that in case that resource is created (MyProductionResource) another resource (AnotherResource) becomes dependent on it and needs to use an output attribute from the other (MyProductionResource). Here the code: Conditions: ISProduction

问题 Is there a way to define a permission/policy/role in AWS which allows to create a CloudFormation Stack using only a specific template (which is updated on S3)? I've seen AWS Service Roles but I think it's not what I'm looking for. In fact I don't see which is the benefit (in terms of security) of using it. If a user can not create a resource directly, but the same user can create the resource through the CloudFormation where is the benefit? However, if there were a way to limit the templates