I try to import a resource's arn string from another cloudformation stack's output. But I get this error:
mapping values are not allowed here
in "<unicode string>", line 22, column 28:
Role: Fn::ImportValue: LocalLambdaExecRole.Arn
^ (line: 22)
Stack 1 with the output:
Resources:
LocalLambdaExecRole:
Type: AWS::IAM::Role
Properties:
RoleName: LocalLambdaExecRole
ManagedPolicyArns:
- "arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole"
AssumeRolePolicyDocument:
Statement:
- Effect: Allow
Principal:
Service: lambda.amazonaws.com
Action: sts:AssumeRole
Outputs:
LocalLambdaExecRole:
Description: Lambda Execution Role
Value: !Ref LocalLambdaExecRole
Export:
Name: !Sub "${AWS::StackName}-LocalLambdaExecRole"
And in stack 2 I want to import the Arn from the LocalLambdaExecRole:
Resources:
LogGroup:
Type: "AWS::Logs::LogGroup"
Properties:
LogGroupName: "TestGroup"
HtmlRendererFunction:
Type: AWS::Lambda::Function
Properties:
FunctionName: "TestLambda"
Role: !ImportValue: LocalLambdaExecRole.Arn
Runtime: python3.9
Architectures:
- arm64
Handler: app.handler
Timeout: 40
MemorySize: 8000
PackageType: Image
Code:
ImageUri: "123.dkr.ecr.eu-west-1.amazonaws.com/test:latest"
VpcConfig:
SecurityGroupIds:
- sg-0e640b53f5ba70c4e
SubnetIds:
- subnet-037112f9a752f20c8
- subnet-0abd66e55d4b9f967
- subnet-053e223fd30ba07de
How do I properly import the LocalLambdaExecRole.Arn? I have a hard time wrapping my head around the syntax here.
CodePudding user response:
Instead of
Role: !ImportValue: LocalLambdaExecRole.Arn
it should be:
Role: !ImportValue LocalLambdaExecRole
and your output should be:
Outputs:
LocalLambdaExecRole:
Description: Lambda Execution Role
Value: !GetAtt LocalLambdaExecRole.Arn
Export:
Name: !Sub "${AWS::StackName}-LocalLambdaExecRole"