amazon-cloudformation

问题 Is it possible to define VPCId for an EC2 instance template as a property? I am trying to do is something like, "Resources" : { "Ec2Instance" : { "Type" : "AWS::EC2::Instance", "Properties" : { "SecurityGroups": [ { "Ref": "AWSSecurityGroups" } ], "KeyName" : { "Ref" : "KeyName" }, "InstanceType" : { "Ref" : "InstanceType" }, "Tags" : [ { "Key" : "Name", "Value" : "Softnas-CF" }], "ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "AMI" ]}, "VpcId" : { "Ref" : "VPCId" }

问题 I'm getting this strange error Access to Role 'cognito role' is forbidden. while creating a cloud formation stack here is my cloud formation file in yaml format. I'm basically creating a s3 bucket and a cognito identity to facilate client side access to my bucket the whole thing is working fine except this error Access to Role 'phototest-cognitoRole-1AMKUVXUXAJ5H' is forbidden. (Service: AmazonCognitoIdentity; Status Code: 400; Error Code: NotAuthorizedException AWSTemplateFormatVersion: 2010

问题 I am attempting to spin up an RDS stack via a Cloudformation template. I would like to enable Enhanced Monitoring on my DB instances. In order to do that, the MonitoringRoleArn property must be specified on the resource. As I understand it, this ARN should point to an IAM Service Role that has been given the AmazonRDSEnhancedMonitoringRole policy, as described here: http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html I would ideally like to also create that role via

问题 I am writing a AWS Code formation. I have to print the Cidrblock of a subnet. But that does not work. Please help "Resources": { "Subnet": { "Type": "AWS::EC2::Subnet", "Properties": { "VpcId": { "Ref": "VPC" }, "CidrBlock": "10.0.0.0/16", } }, Outputs : { "SubnetCIDR": { "Value": { "Fn::GetAtt": [ "Subnet", "CidrBlock" ] }, "Description": "The CIDR" }, } This does not work. The following error message is shown while uploading the template: Template validation error: Template error: resource

问题 In AWS CloudFormation, you can specify a template by uploading a template file or by specifying a S3 URL to a template. (Specify an Amazon S3 template URL) If the bucket is public, you can construct a URL for anyone to access the object/template. This works fine as long as the S3 template URL is a simple URL: https://s3.amazonaws.com/public-bucket/unsigned.template But if the bucket is private, you can generate a signed S3 URL if you want to share an object to others. I am given a URL that is

问题 In AWS CloudFormation, you can specify a template by uploading a template file or by specifying a S3 URL to a template. (Specify an Amazon S3 template URL) If the bucket is public, you can construct a URL for anyone to access the object/template. This works fine as long as the S3 template URL is a simple URL: https://s3.amazonaws.com/public-bucket/unsigned.template But if the bucket is private, you can generate a signed S3 URL if you want to share an object to others. I am given a URL that is

问题 I am trying to use AWS API to create a stack in AWS CloudFormation, but they return error saying " signature we calculated does not match the signature you provided " Fllowing is the code that I am using to generate the siganture $private_key = "xxxxxxxxxxxxx"; $params = array(); $method = "POST"; $host = "cloudformation.eu-west-1.amazonaws.com"; $uri = "/onca/xml"; // additional parameters $params["Service"] = "AWSCloudFormation"; $params["Operation"] = "DeleteStack"; $params["AWSAccessKeyId

问题 More AWS questions! Ok, so the idea is one master template calls all the nested stacks. With help from here I figured out how to pass parameters from the master to the nested stacks. Now I am trying to figure out how to pass values from nested stacks to nested stacks. I believe this should be done via Exports and Imports, but I don't think I have this quite right. I'm not sure if it's my imports or exports that are wrong. The error I am getting is: No export named TestStack1-VpcStackID found.

问题 I'm using a platform condition to control the type of environment that gets spun up on AWS. There are plenty of shared resources, but I need certain EC2 instances with pre-baked AMIs depending on a number conditions. "Parameters": { "Platform": { "Description": "Select platform type - linux or windows", "Default": "linux", "Type": "String", "AllowedValues": [ "linux", "windows", "both" ], "ConstraintDescription": "Must enter either linux, windows, or both" }, Then I set the conditions .

问题 I describe existing AWS Lambda function in CloudFormation template and I face with the next issue. In our Lambda we configured few test events which helps us to verify some usecases (I mean functionality from the screenshot below). But I don't see any abilities to add these test events to the CloudFormation template. AWS documentation don't help me with that. Is that possible at all or are there any workarounds how to export and import Lambda function test events? 回答1: Lambda test