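Confused about how to properly create nested CloudFormation stacks

Time: 2018-02-14 19:37:29

Tags: amazon-web-services nested stack amazon-cloudformation

So far, for my project, I have had just one CloudFormation stack template. However, I recently ran into the limit on the number of bytes a stack template can have, which is why I have been looking into nested stacks. I'm having some trouble with the formatting, though, because I see a lot of variation in the examples provided.

Below is a snippet of the original (non-nested) stack template before it hit the limit.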

---
AWSTemplateFormatVersion: "2010-09-09"
Description: "Template for wgs-pipeline"

Parameters:

  CloudspanLambdaFuncS3BucketName:
    Type: String

  CloudspanLambdaFuncS3KeyName:
    Default: 'sfn.deployable.zip'
    Type: String

  CloudspanLambdaFuncModuleName:
    Default: 'cloudspan'
    Type: String


Resources:

  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16

  InternetGateway:
    Type: AWS::EC2::InternetGateway

  RouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref 'VPC'

  VPCGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref 'VPC'
      InternetGatewayId: !Ref 'InternetGateway'

  SecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: EC2 Security Group for instances launched in the VPC by Batch
      VpcId: !Ref 'VPC'

# Lambda Resources (the section I want to place in a separate stack)

  CloudspanLambdaExecutionRole:
    Type: "AWS::IAM::Role"
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Principal:
              Service: lambda.amazonaws.com
            Action: "sts:AssumeRole"
      Policies:
        - PolicyName: CanListBuckets
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              - Effect: Allow
                Action:
                  - "s3:GetBucketLocation"
                  - "s3:ListAllMyBuckets"
                Resource: "arn:aws:s3:::*"
        - PolicyName: CanLog
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
            - Effect: Allow
              Action:
              - logs:*
              Resource: arn:aws:logs:*:*:*

  CloudspanLambdaFunction:
    Type: "AWS::Lambda::Function"
    Properties:
      Handler:
        Fn::Join: [ ".", [ Ref: CloudspanLambdaFuncModuleName, "handler"] ]
      Role:
        Fn::GetAtt: [ CloudspanLambdaExecutionRole, Arn ]
      Code:
        S3Bucket:
          Ref: CloudspanLambdaFuncS3BucketName
        S3Key:
          Ref: CloudspanLambdaFuncS3KeyName
      Runtime: "python3.6"
      Timeout: "60"

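What I want to do is isolate everything under the "Lambda resources" comment into a separate stack (the "lambda stack"), and then have this master stack call that separate "lambda stack".

Below is my current attempt at the setup, but I don't know if I'm doing it correctly:

Master template: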

---
AWSTemplateFormatVersion: "2010-09-09"
Description: "Master template for wgs-pipeline. Contains network resources, lambda parameters, and batch 
              parameters"
Parameters:
  CloudspanLambdaFuncS3BucketName:
    Type: String
  CloudspanLambdaFuncS3KeyName:
    Default: 'sfn.deployable.zip'
    Type: String
  CloudspanLambdaFuncModuleName:
    Default: 'cloudspan'
    Type: String
Resources:
# The stuff that was already in the Resources section in the original stack
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16
  InternetGateway:
    Type: AWS::EC2::InternetGateway
  RouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref 'VPC'
  VPCGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref 'VPC'
      InternetGatewayId: !Ref 'InternetGateway'
  SecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: EC2 Security Group for instances launched in the VPC by Batch
      VpcId: !Ref 'VPC'
# The section that is referencing a separate stack
  LambdaStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      Parameters:
        LambdaFunction:
          # ref?
        LambdaExecutionRole:
          # ref?
      TemplateURL: # URL to S3 location of lambda stack
      TimeoutInMinutes: '60'

LambdaStack template:

---
AWSTemplateFormatVersion: '2010-09-09'
Description: Lambda functions stack, contains lambda function and lambda function execution roles.
Parameters:
  LambdaFunction:
    Description: the lambda function.
  LambdaExecutionRole:
    Description: the lambda execution roles.
Resources:
  Type: "AWS::Lambda::Function"
  Properties:
    Handler:
      #
      # Need to figure out how to reference these since they are parameters that exist in the master template
      #
      Fn::Join: [ ".", [ Ref: CloudspanLambdaFuncModuleName, "handler"] ]
    Role:
      Fn::GetAtt: [ CloudspanLambdaExecutionRole, Arn ]
    Code:
      S3Bucket:
        Ref: CloudspanLambdaFuncS3BucketName
      S3Key:
        Ref: CloudspanLambdaFuncS3KeyName
    Runtime: "python3.6"
    Timeout: "60" # This will be included in the master stack?
Outputs:
  LambdaStack:
    Description: Lambda stack ID.
    Value:
      Ref: LambdaFunction
    Export:
      Name:
        Fn::Sub: "${AWS::StackName}-LambdaFunction"
  LambdaExecutionRoleStack:
    Description: Lambda execution role stack ID.
    Value:
      Ref: LambdaExecutionRole
    Export:
      Name:
        Fn::Sub: "${AWS::StackName}-LambdaExecutionRole"

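So far, have I formatted the LambdaStack template and the master template correctly? As for the CloudspanLambdaFunction and CloudspanLambdaExecutionRole parameters from the original (non-nested) stack, how exactly do I format the parameters in the LambdaStack (nested) template? Is it just a matter of adding two parameters to the Resources section of the LambdaStack yaml?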

0 answers:

No answers