Home > Blockchain >  Passing Security Group Ids and Subnet Ids in a Clould Formation template
Passing Security Group Ids and Subnet Ids in a Clould Formation template

Time:04-01

Parameters:
  ClusterName:
    Type: String
  ClusterVersion:
    Type: Number
    AllowedValues: [1.21, 1.20, 1.19, 1.18]
  RoleArnValue:
    Type: String
  ListOfSubnetIDs: 
    Description: Array of Subnet IDs
    Type: List<AWS::EC2::Subnet::Id>
  ListOfSecurityGroupIDs:
    Description: Array of security group ids
    Type: List<AWS::EC2::SecurityGroup::Id>


Resources:
  EKSCluster:
    Type: AWS::EKS::Cluster
    Properties:
      Name: !Sub ${ClusterName}
      Version: !Sub ${ClusterVersion}
      RoleArn: !Sub ${RoleArnValue}
      ResourcesVpcConfig:
        SecurityGroupIds: 
          - !Sub ${ListOfSecurityGroupIDs}
        SubnetIds:
          - !Sub ${ListOfSubnetIDs}

Above is the .yaml clouldformation template I have created so i can spin up eks cluster. Then i am using aws cli to spin up the cluster using the following command.

aws cloudformation deploy --template-file eks.yaml --stack-name cluster-test --parameter-overrides ClusterName=Dev ClusterVersion=1.21 ListOfSubnetIDs=subnet-11111d11b11b011f4,subnet-99999d237f87f11d7,subnet-222222c110c7e4be7,subnet-88888884de8d25176  ListOfSecurityGroupIDs=sg-01111111a21221 RoleArnValue=arn:aws:iam::123456546456:role/cluster-ServiceRole-WMIC72AOWSP0 --capabilities CAPABILITY_NAMED_IAM

I get the following error

An error occurred (ValidationError) when calling the CreateChangeSet operation: Template error: variable ListOfSecurityGroupIDs in Fn::Sub expression does not resolve to a string

I am not sure why. Am i using !sub in correctly? Would really appreciate input on this.

CodePudding user response:

Since you want to reference the parameters you provided the template as they are, you should use the Ref function.

Here's an example of a valid template:

Parameters:
  ClusterName:
    Type: String
  RoleArnValue:
    Type: String
  ListOfSubnetIDs: 
    Description: Array of Subnet IDs
    Type: List<AWS::EC2::Subnet::Id>
  ListOfSecurityGroupIDs:
    Description: Array of security group ids
    Type: List<AWS::EC2::SecurityGroup::Id>


Resources:
  EKSCluster:
    Type: AWS::EKS::Cluster
    Properties:
      Name: !Ref ClusterName
      RoleArn: !Ref RoleArnValue
      ResourcesVpcConfig:
        SecurityGroupIds: !Ref ListOfSecurityGroupIDs
        SubnetIds: !Ref ListOfSubnetIDs

and here's how I deployed it:

aws cloudformation deploy --template-file eks.yml --stack-name cluster-test --parameter-overrides ClusterName=Dev ListOfSubnetIDs=subnet-be0a99c4,subnet-c71046ae ListOfSecurityGroupIDs=sg-009690ac6b3bff6df,sg-009a3f1cb63943941 -RoleArnValue=...

Sub should be used when you want to perform string manipulation. Checkout the examples from the documentation.

Page link:https//www.codepudding.com/Blockchain/355756.html

Prev:Giving access to everything within S3 bucket
Next:Cloudformation should create documentdb replicas in different availability zones
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding