为什么这甚至是个问题? 我设置了aws SES(简单电子邮件服务),它将对我的消息进行加密。因此,在我的模板中,我创建了ReceiptRule。
ReceiptRule:
Type: "AWS::SES::ReceiptRule"
DependsOn: [ TestEmailBucket ]
Properties:
RuleSetName:
Ref: RuleSetName
Rule:
Name: "TestName
Enabled: true
Actions:
- S3Action:
BucketName:
Ref: InboundEmailBucket
KmsKeyArn: "arn:aws:kms:eu-west-1:XXXXXX:key/XXXXXXX"
Recipients:
- Fn::Sub: default-recipient-to-avoid-catch-all${DomainName}
上面的代码工作正常! 但是,当然,我不想对KmsKeyArn进行硬编码。那么为什么不能仅设置如下引用:
Parameters:
KmsMasterKeyArn:
Type: String
Default: "arn:aws:kms:eu-west-1:XXXXX:key/XXXXXXX"
---------
Actions:
- S3Action:
BucketName:
Ref: InboundEmailBucket
KmsKeyArn:
Ref: KmsMasterKeyArn
这对我不起作用...我在许多其他地方对KmsMasterKeyArn的引用也起作用。就在这里,在S3Action中它不起作用。有人解决吗?