区分 Shell 变量和 Cloudformation 模板参数

问题描述

我遇到了一个用例，其中我看到 Shell Variables 和 Cloudformation Parameters 之间存在冲突。

示例：

我正在写AWS::ImageBuilder::Component

Parameters:
  cloudVersion:
    Type: String
    Default: "1.10.11"
    Description: Cloud Version to release
Resources:
  CloudInstallComponent:
    Type: AWS::ImageBuilder::Component
    Properties:
      Name: CloudamI
      Version: !Ref cloudVersion
      Description: Install the latest cloud.
      ChangeDescription: Cloud First version
      Platform: Linux
      Data: !Sub |
        name: DeployCloudComponents
        description: This is to deploy cloud components.
        schemaVersion: 1.0
        phases:
          - name: build
            steps:
              - name: createuser
                action: ExecuteBash
                inputs:
                  commands:
                    - "Creating New User cloud"
                    - export GroupID=7560
                    - export UserID=7560
                    - export USER=cloud
                    - sudo groupadd --gid ${GroupID} ${USER}
                    - sudo useradd --uid ${UserID} --gid ${GroupID} --create-home --shell /bin/bash ${USER}
                    - sudo usermod -G wheel ${USER}
                    - |-
                        echo "${USER}    ALL=(ALL)       nopASSWD: ALL" >> /etc/sudoers
                    - sudo wget -O a.tgz 'abc.net/mg/api/v1/help/${cloudVersion}/on/download/a.tgz'

现在在上面的代码片段 GroupID 中，UserID 和 USER 是 shell 变量，而 cloudVersion 是 cloudformation 参数。

问题是如何区分它们？

我在 cfn-linter 中看到如下错误

Error   Cfn-Lint    Parameter GroupID for Fn::Sub not found at Resources/CloudInstallComponent/Properties/Data/Fn::Sub  160:7
Error   Cfn-Lint    Parameter USER for Fn::Sub not found at Resources/K2CloudInstallComponent/Properties/Data/Fn::Sub   160:7
Error   Cfn-Lint    Parameter UserID for Fn::Sub not found at Resources/K2CloudInstallComponent/Properties/Data/Fn::Sub 160:7

我可以通过将三个 shell 变量作为 cloudformation 参数来解决歧义。

但如果有人能提出一种区分两种变量的现有方法，那就太好了。

提前致谢。

解决方法

您必须使用 ${!} 表示法 escape 您的变量：

Parameters:
  cloudVersion:
    Type: String
    Default: "1.10.11"
    Description: Cloud Version to release
Resources:
  CloudInstallComponent:
    Type: AWS::ImageBuilder::Component
    Properties:
      Name: CloudAMI
      Version: !Ref cloudVersion
      Description: Install the latest cloud.
      ChangeDescription: Cloud First version
      Platform: Linux
      Data: !Sub |
        name: DeployCloudComponents
        description: This is to deploy cloud components.
        schemaVersion: 1.0
        phases:
          - name: build
            steps:
              - name: CreateUser
                action: ExecuteBash
                inputs:
                  commands:
                    - "Creating New User cloud"
                    - export GroupID=7560
                    - export UserID=7560
                    - export USER=cloud
                    - sudo groupadd --gid ${!GroupID} ${!USER}
                    - sudo useradd --uid ${!UserID} --gid ${!GroupID} --create-home --shell /bin/bash ${!USER}
                    - sudo usermod -G wheel ${!USER}
                    - |-
                        echo "${!USER}    ALL=(ALL)       NOPASSWD: ALL" >> /etc/sudoers
                    - sudo wget -O a.tgz 'abc.net/mg/api/v1/help/${cloudVersion}/on/download/a.tgz'

amazon-cloudformation amazon-ec2 amazon-web-services shell