I can easily pass parameters to a nested CloudFormation stack using AWS::CloudFormation::Stack, including referenced values:
"MyNestedStack" : {
  "Type" : "AWS::CloudFormation::Stack",
  "Condition" : "MyCondition",
  "Properties" : {
    "TemplateURL" : {
      "Fn::Join" : ["", ["https://mybucket.s3.amazonaws.com/", {
        "Ref" : "S3BucketLocation"
      }, "/MyNestedStack.template"]]
    },
    "Parameters": {
      "MyVPC" : {
        "Ref" : "VPC"
      },
      "MySubnet" : {
        "Ref" : "ManagementSubnet"
      },
      "MySubnetAZ" : {
        "Fn::GetAtt" : [ "ManagementSubnet", "AvailabilityZone" ]
      },
      "InstanceType" : "m3.large",
      "KeyName" : "MyKey"
    }
  }
}
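However, I cannot find any documentation on how to pass the stack tags applied to the parent stack down to the child (nested) stack.
The original stack is invoked by:
#Create Stack
aws cloudformation create-stack --parameters ${parms} --tags Key='Environment Name',Value=${name} Key=Name,Value=${env} --stack-name ${env} --template-url ${url}
The Environment name and Name tags are applied to the resources in the original stack (such as instances), but not to the resources in the nested stack, nor to the nested stack itself.
Answer 0 (score: 3)
AWS has implemented propagation of stack tags to child stacks. I could not find an announcement or documentation reflecting this change, but it works now.
The AWS CloudFormation Resource Tags Type page states:
All stack-level tags, including automatically created tags, are propagated to resources that AWS CloudFormation supports.
In the example parent/child stack templates below, the stack tags on the parent propagate to the EC2 instance in the parent stack, to the child stack, and to the EC2 instance in the child stack.
Note: EC2 tags still do not propagate to volumes created from block device mappings.
Parent stack example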
{
  "AWSTemplateFormatVersion" : "2010-09-09",
  "Description" : "Test Child Stack Tag Propagation (Parent Stack)",
  "Parameters" : {
    "KeyName": {
      "Description" : "Name of an existing EC2 KeyPair to enable SSH access to the instance",
      "Type": "AWS::EC2::KeyPair::KeyName"
    },
    "Subnet": {
      "Type": "AWS::EC2::Subnet::Id"
    },
    "VPC": {
      "Type": "AWS::EC2::VPC::Id"
    },
    "AMI": {
      "Type": "AWS::EC2::Image::Id",
      "Default": "ami-f2210191"
    },
    "ChildTemplateUrl": {
      "Type" : "String"
    }
  },
  "Resources" : {
    "EC2Instance" : {
      "Type" : "AWS::EC2::Instance",
      "Properties" : {
        "InstanceType" : "t2.nano",
        "SecurityGroupIds" : [{"Ref" : "InstanceSecurityGroup"}],
        "SubnetId" : { "Ref" : "Subnet" },
        "KeyName" : { "Ref" : "KeyName" },
        "ImageId" : {"Ref": "AMI"}
      }
    },
    "InstanceSecurityGroup" : {
      "Type" : "AWS::EC2::SecurityGroup",
      "Properties" : {
        "GroupDescription" : "Enable SSH access via port 22",
        "VpcId" : { "Ref": "VPC"},
        "SecurityGroupIngress" : [ {
          "IpProtocol" : "tcp",
          "FromPort" : "22",
          "ToPort" : "22",
          "CidrIp" : "0.0.0.0/0"
        } ]
      }
    },
    "MyNestedStack" : {
      "Type" : "AWS::CloudFormation::Stack",
      "Properties" : {
        "TemplateURL" : {"Ref": "ChildTemplateUrl"},
        "Parameters": {
          "Subnet" : {"Ref": "Subnet"},
          "KeyName" : {"Ref": "KeyName"},
          "AMI" : {"Ref": "AMI"},
          "SecurityGroup": {"Ref" : "InstanceSecurityGroup"},
          "VPC": {"Ref": "VPC"}
        }
      }
    }
  },
  "Outputs" : {
    "InstanceId" : {
      "Description" : "InstanceId of the newly created EC2 instance",
      "Value" : { "Ref" : "EC2Instance" }
    },
    "IP" : {
      "Description" : "Private IP address of the newly created VPC EC2 instance",
      "Value" : { "Fn::GetAtt" : [ "EC2Instance", "PrivateIp" ] }
    }
  }
}
Child stack example
{
  "AWSTemplateFormatVersion" : "2010-09-09",
  "Description" : "Test Child Stack Tag Propagation (Child Stack)",
  "Parameters" : {
    "KeyName": {
      "Description" : "Name of an existing EC2 KeyPair to enable SSH access to the instance",
      "Type": "AWS::EC2::KeyPair::KeyName"
    },
    "Subnet": {
      "Type": "AWS::EC2::Subnet::Id"
    },
    "VPC": {
      "Type": "AWS::EC2::VPC::Id"
    },
    "AMI": {
      "Type": "AWS::EC2::Image::Id"
    },
    "SecurityGroup": {
      "Type": "AWS::EC2::SecurityGroup::Id"
    }
  },
  "Resources" : {
    "EC2Instance" : {
      "Type" : "AWS::EC2::Instance",
      "Properties" : {
        "InstanceType" : "t2.nano",
        "SecurityGroupIds" : [{"Ref" : "SecurityGroup"}],
        "SubnetId" : { "Ref" : "Subnet" },
        "KeyName" : { "Ref" : "KeyName" },
        "ImageId" : {"Ref": "AMI"}
      }
    }
  },
  "Outputs" : {
    "InstanceId" : {
      "Description" : "InstanceId of the newly created EC2 instance",
      "Value" : { "Ref" : "EC2Instance" }
    },
    "IP" : {
      "Description" : "Private IP address of the newly created VPC EC2 instance",
      "Value" : { "Fn::GetAtt" : [ "EC2Instance", "PrivateIp" ] }
    }
  }
}
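The propagation described in the answer above, including the volume caveat, can be checked against a resource inventory. The following is an added example, not code from the answer or from AWS: it assumes dictionaries shaped like boto3's describe_stacks, describe_instances and describe_volumes responses, and every stack name, resource ID and tag value in it is constructed.

```python
# Constructed sample data shaped like boto3 describe_stacks,
# describe_instances and describe_volumes responses (no AWS calls are made).
STACK = {"StackName": "dev", "Tags": [
    {"Key": "Environment Name", "Value": "dev-east"},
    {"Key": "Name", "Value": "dev"}]}
CHILD_STACK = {"StackName": "dev-MyNestedStack-EXAMPLE", "Tags": list(STACK["Tags"])}
INSTANCES = {"Reservations": [{"Instances": [
    {"InstanceId": "i-parent-example", "Tags": STACK["Tags"] + [
        {"Key": "aws:cloudformation:stack-name", "Value": "dev"}]},
    {"InstanceId": "i-child-example", "Tags": list(STACK["Tags"])}]}]}
VOLUMES = {"Volumes": [{"VolumeId": "vol-child-example"}]}  # no "Tags" key: untagged

def tag_map(tag_list):
    """Turn [{'Key': k, 'Value': v}, ...] (or None) into a dict."""
    return {t["Key"]: t["Value"] for t in (tag_list or [])}

def collect(child_stacks, instances, volumes):
    """Flatten the three response shapes into (resource_id, tags) pairs."""
    out = [(s["StackName"], s.get("Tags")) for s in child_stacks]
    out += [(i["InstanceId"], i.get("Tags"))
            for r in instances["Reservations"] for i in r["Instances"]]
    out += [(v["VolumeId"], v.get("Tags")) for v in volumes["Volumes"]]
    return out

def missing_stack_tags(parent_stack, resources):
    """Return {resource_id: [tag keys absent or carrying a different value]}."""
    # The "aws:" prefix is reserved for AWS-generated tags, so only the
    # tags supplied by the user on the parent stack are compared.
    wanted = {k: v for k, v in tag_map(parent_stack.get("Tags")).items()
              if not k.startswith("aws:")}
    findings = {}
    for rid, tags in resources:
        have = tag_map(tags)
        missing = sorted(k for k, v in wanted.items() if have.get(k) != v)
        if missing:
            findings[rid] = missing
    return findings

def audit_sample():
    """Audit the constructed inventory above against the parent stack's tags."""
    return missing_stack_tags(STACK, collect([CHILD_STACK], INSTANCES, VOLUMES))

if __name__ == "__main__":
    print(audit_sample())
```

Resources reported here are the ones that tag-based IAM conditions and cost-allocation reports would miss, so they need explicit tagging.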