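I'm trying to use CloudFormation and specify a "Name" for an elastic IP using the normal process, i.e.:

    IPAddress:
      Description: 'ip:${AWS::Region}:${AWS::StackName} - elastic up for something'
      Type: 'AWS::EC2::EIP'
      Properties:
        Tags:
          - Key: Name
            Value: !Sub 'ec2:${AWS::Region}:${AWS::StackName}'

For some reason, CloudFormation throws an error: "tags not supported", so I guess I'm asking: is there any way to set the "Name" of an elastic IP with CloudFormation?

Cheers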
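Answer 0 (score: 6)

The reason for your error is that in CloudFormation the Elastic IP resource "AWS::EC2::EIP" does not support tags as a property.

As for your second question, as far as I know there is currently no way to name an Elastic IP from CloudFormation.

Answer 1 (score: 3)

Don't hold your breath; here is a thread on the AWS forums that started in 2012.

Instead, use CloudFormation Custom Resources to work around this and other CFN deficiencies.

Here is my implementation using Python and boto3.

Python source code for tag-ec2-resource.py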

    import cfnresponse
    import boto3
    import os


    def lambda_handler(event, context):
        print(event, context)
        ec2 = boto3.client('ec2', region_name=os.environ['AWS_REGION'])
        ResourceId = event['ResourceProperties']['ResourceId']
        TagKey = event['ResourceProperties']['TagKey']
        TagValue = event['ResourceProperties']['TagValue']
        responseData = {}

        # Delete: remove the tag (best effort) and always report SUCCESS.
        if event['RequestType'] == 'Delete':
            try:
                response = ec2.delete_tags(
                    Resources=[
                        ResourceId,
                    ],
                    Tags=[
                        {
                            'Key': TagKey,
                            'Value': TagValue
                        }
                    ]
                )
                print(response)
            except Exception as e:
                print(e)
            cfnresponse.send(event, context, cfnresponse.SUCCESS, responseData, physicalResourceId=ResourceId)
            return

        # Update: remove the previous tag first, then fall through to create.
        if event['RequestType'] == 'Update':
            try:
                OldResourceId = event['OldResourceProperties']['ResourceId']
                OldTagKey = event['OldResourceProperties']['TagKey']
                OldTagValue = event['OldResourceProperties']['TagValue']
                response = ec2.delete_tags(
                    Resources=[
                        OldResourceId,
                    ],
                    Tags=[
                        {
                            'Key': OldTagKey,
                            'Value': OldTagValue
                        }
                    ]
                )
                print(response)
            except Exception as e:
                print(e)

        # Create and Update: apply the requested tag.
        try:
            response = ec2.create_tags(
                Resources=[
                    ResourceId,
                ],
                Tags=[
                    {
                        'Key': TagKey,
                        'Value': TagValue
                    },
                ]
            )
            print(response)
        except Exception as e:
            # Errors are only logged; SUCCESS is still reported to CloudFormation below.
            print(e)
        cfnresponse.send(event, context, cfnresponse.SUCCESS, responseData, physicalResourceId=ResourceId)

(You will need to package cfn-response with this function.)

Define the Lambda role

    TagEC2ResourceLambdaRole:
      Type: 'AWS::IAM::Role'
      Properties:
        AssumeRolePolicyDocument:
          Version: '2012-10-17'
          Statement:
            - Effect: Allow
              Principal:
                Service:
                  - 'lambda.amazonaws.com'
              Action:
                - 'sts:AssumeRole'
        Path: '/'
        Policies:
          - PolicyName: 'AmazonLambdaServicePolicy'
            PolicyDocument:
              Version: '2012-10-17'
              Statement:
                - Effect: Allow
                  Action:
                    - 'logs:CreateLogGroup'
                    - 'logs:CreateLogStream'
                    - 'logs:PutLogEvents'
                    - 'ec2:Describe*'
                    - 'ec2:CreateTags'
                    - 'ec2:DeleteTags'
                  Resource: '*'

Define the Lambda function

    TagEC2ResourceLambda:
      Type: 'AWS::Lambda::Function'
      Properties:
        FunctionName: !Join [ '-', [ 'tag-ec2-resource', !Select [ 2, !Split [ '/', !Ref 'AWS::StackId' ]]]]
        Handler: 'tag-ec2-resource.lambda_handler'
        Code:
          S3Bucket: !Ref 'S3Bucket'
          S3Key: !Sub 'lambda-functions/tag-ec2-resource-${LambdaVersion}.zip'
        # python2.7 has since been retired by AWS Lambda; use a supported Python 3 runtime.
        Runtime: python2.7
        Role: !Ref 'TagEC2ResourceLambdaRoleArn'
        Description: 'Tag EC2 resource.'
        Timeout: 30
        Tags:
          - Key: Name
            Value: !Ref 'NameTag'

Finally, use the custom resource in your template to tag the EIP

    MyEipTag:
      Type: 'Custom::TagEC2Resource'
      Properties:
        ServiceToken: !Sub 'arn:${AWS::Partition}:lambda:${AWS::Region}:${AWS::AccountId}:function:tag-ec2-resource-${LambdaStackGuid}'
        ResourceId: !GetAtt MyEiP.AllocationId
        TagKey: 'Name'
        TagValue: 'my-very-special-EIP'

Hope this helps.
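
Added example (not part of either answer above, and not the answerer's code): a variant of the handler's core logic that returns FAILED when tagging fails and refuses anything that is not an Elastic IP allocation ID, which matters because the role above allows ec2:CreateTags and ec2:DeleteTags on every resource. The names `validate`, `handle` and `ALLOC_ID`, the allocation ID pattern and the injected `ec2` client are assumptions of this example; the Lambda entry point would pass the returned status and reason to `cfnresponse.send`.

```python
import re

# Assumption for this example: only Elastic IP allocation IDs may be tagged.
ALLOC_ID = re.compile(r'^eipalloc-(?:[0-9a-f]{8}|[0-9a-f]{17})$')


def validate(props):
    """Return an error string for unacceptable properties, or None."""
    rid = str(props.get('ResourceId', ''))
    key = str(props.get('TagKey', ''))
    value = str(props.get('TagValue', ''))
    if not ALLOC_ID.match(rid):
        return 'ResourceId is not an Elastic IP allocation ID: %r' % rid
    if not key or len(key) > 128 or key.lower().startswith('aws:'):
        return 'TagKey is empty, too long, or uses the reserved aws: prefix'
    if len(value) > 256:
        return 'TagValue is longer than 256 characters'
    return None


def handle(event, ec2):
    """Process one event; ec2 needs create_tags/delete_tags (e.g. a boto3 client)."""
    props = event['ResourceProperties']
    error = validate(props)
    if event['RequestType'] == 'Delete':
        # Best effort: never block stack deletion, never touch unvalidated IDs.
        if error is None:
            try:
                ec2.delete_tags(Resources=[props['ResourceId']],
                                Tags=[{'Key': props['TagKey'], 'Value': props['TagValue']}])
            except Exception as exc:
                print('delete_tags failed: %s' % exc)
        return 'SUCCESS', ''
    if error:
        return 'FAILED', error
    try:
        if event['RequestType'] == 'Update':
            old = event['OldResourceProperties']
            # Remove the old tag only if create_tags will not overwrite it anyway.
            if validate(old) is None and (old['ResourceId'], old['TagKey']) != (
                    props['ResourceId'], props['TagKey']):
                ec2.delete_tags(Resources=[old['ResourceId']],
                                Tags=[{'Key': old['TagKey'], 'Value': old['TagValue']}])
        ec2.create_tags(Resources=[props['ResourceId']],
                        Tags=[{'Key': props['TagKey'], 'Value': props['TagValue']}])
    except Exception as exc:
        return 'FAILED', 'tagging failed: %s' % exc
    return 'SUCCESS', ''
```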