AWS CloudFormation-如何获取硬件VPN的VGW外部IP地址

时间:2018-11-07 16:42:05

标签: amazon-cloudformation

根据我对AWS CloudFormation文档的阅读,AWS::EC2::VPNConnection资源未提供硬件VPN外部IP地址的返回值。

我可以在CloudFormation中获取外部IP地址吗?如果最好的选择是用于CloudFormation中的Lambda资源,则将赞赏指向现有代码的指针。

1 个答案:

答案 0 :(得分:0)

我找不到不依靠Lambda支持的自定义资源来获取外部IP地址的方法,所以我写了一个。我已经在模板中包含了relevent资源。您可以在此gist中找到完整的示例模板。

VPNOutsideIPGenerator:
Type: AWS::Lambda::Function
Properties:
  FunctionName: !Sub 'arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:function:get-outside-ip'
  Handler: "index.lambda_handler"
  Timeout: 15
  Role: !GetAtt 'LambdaRole.Arn'
  Runtime: python3.6
  Code:
    ZipFile: |
      import logging
      import boto3
      import cfnresponse

      def lambda_handler(event, context):
          logger = logging.getLogger()
          logger.setLevel(logging.INFO)
          vpn_connection_id = event['ResourceProperties'].get('VPNID', None)
          ec2client = boto3.client('ec2')
          response = ec2client.describe_vpn_connections(VpnConnectionIds=[ vpn_connection_id ])
          responseData = {}
          responseData['OutsideIpAddress1'] = response['VpnConnections'][0]['VgwTelemetry'][0]['OutsideIpAddress']
          responseData['OutsideIpAddress2'] = response['VpnConnections'][0]['VgwTelemetry'][1]['OutsideIpAddress']
          logger.info('responseData {}'.format(responseData))
          cfnresponse.send(event, context, cfnresponse.SUCCESS, responseData)