根据我对AWS CloudFormation文档的阅读,AWS::EC2::VPNConnection资源未提供硬件VPN外部IP地址的返回值。
我可以在CloudFormation中获取外部IP地址吗?如果最好的选择是用于CloudFormation中的Lambda资源,则将赞赏指向现有代码的指针。
答案 0 :(得分:0)
我找不到不依靠Lambda支持的自定义资源来获取外部IP地址的方法,所以我写了一个。我已经在模板中包含了relevent资源。您可以在此gist中找到完整的示例模板。
VPNOutsideIPGenerator:
Type: AWS::Lambda::Function
Properties:
FunctionName: !Sub 'arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:function:get-outside-ip'
Handler: "index.lambda_handler"
Timeout: 15
Role: !GetAtt 'LambdaRole.Arn'
Runtime: python3.6
Code:
ZipFile: |
import logging
import boto3
import cfnresponse
def lambda_handler(event, context):
logger = logging.getLogger()
logger.setLevel(logging.INFO)
vpn_connection_id = event['ResourceProperties'].get('VPNID', None)
ec2client = boto3.client('ec2')
response = ec2client.describe_vpn_connections(VpnConnectionIds=[ vpn_connection_id ])
responseData = {}
responseData['OutsideIpAddress1'] = response['VpnConnections'][0]['VgwTelemetry'][0]['OutsideIpAddress']
responseData['OutsideIpAddress2'] = response['VpnConnections'][0]['VgwTelemetry'][1]['OutsideIpAddress']
logger.info('responseData {}'.format(responseData))
cfnresponse.send(event, context, cfnresponse.SUCCESS, responseData)