I have created below cloudformation yaml for glue workflow.
Parameter GlWFproperties defined as type string
Type: AWS::Glue::Workflow
Properties:
DefaultRunProperties: !Ref GlWFproperties
Description: !Ref GlWFdescription
MaxConcurrentRuns: !Ref GlWFMaxConcurrentRuns
Name: !Ref GlWFname
I am passing the parameters to this template while deploying it.
If i deploy this template without DefaultRunProperties it works.But when i pass values to "DefaultRunProperties" it fails with error "Internal Failure".
DefaultRunProperties is defined as Type JSON in aws documentation.
Values i am passing to this is as
{ "sql": "inno", "format": "aro"}
also tried
"{ \"sql\": \"inno\", \"format\": \"aro\"}"
Related
I am trying to create a secret using JSON file content and stringData like below but giving some error which I am not able to identify after multiple tries.
apiVersion: v1
kind: Secret
metadata:
name: image-secret
type: Opaque
stringData:
creds: _json_key:{"type": "service_account","project_id": "xyz","private_key_id": "9b0eb25b41ae9161123dbfh56mgj","private_key": "-----BEGIN PRIVATE KEY-----\nmch0iiFz1DAdM8vQTXiETI+3gvSnknXQ0M5WmkA1dkiJgyhe3r8tpeb42jo4FCd\nbHLf9eeIql8TKEm9BAk+qnQZq8FykWEnQLuU7APrFNZ0qtYP8t1Y7HSGpdVmmCyK\nykJAGznKaiEf9SJiNy8HqJy1kOhajn1fL3CdcShWcY793qRLyeFyrIZ\n6lfnjSE9IW5iEOBmxEpXf5Q=\n-----END PRIVATE KEY-----\n","client_email": "argocd-image-updater#xyz.iam.","client_id": "113522222222222222222222222","auth_uri": "https://accounts.google.com,"token_uri": "https://oauth.googleap,"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth/v1/certs","client_x509_cert_url": "https://www.googleapis.com/v1"}
username as _json_key and password is "json file content"
The error which I am getting is as below:-
error: error parsing argocd-image-updater-secret.yaml: error converting YAML to JSON: yaml: line 7: mapping values are not allowed in this context
You're getting bitten by a yaml-ism, as yaml2json or yamllint would inform you
Error: Cannot parse as YAML (mapping values are not allowed here
in "<byte string>", line 5, column 28:
creds: _json_key:{"type": "service_account","project_id" ...
^)
what you'll want is to fold that scalar so the : is clearly character data and not parsed as a yaml key
metadata:
name: image-secret
type: Opaque
stringData:
creds: >-
_json_key:{"type": "service_account","project_id": "xyz","private_key_id": "9b0eb25b41ae9161123dbfh56mgj","private_key": "-----BEGIN PRIVATE KEY-----\nmch0iiFz1DAdM8vQTXiETI+3gvSnknXQ0M5WmkA1dkiJgyhe3r8tpeb42jo4FCd\nbHLf9eeIql8TKEm9BAk+qnQZq8FykWEnQLuU7APrFNZ0qtYP8t1Y7HSGpdVmmCyK\nykJAGznKaiEf9SJiNy8HqJy1kOhajn1fL3CdcShWcY793qRLyeFyrIZ\n6lfnjSE9IW5iEOBmxEpXf5Q=\n-----END PRIVATE KEY-----\n","client_email": "argocd-image-updater#xyz.iam.","client_id": "113522222222222222222222222","auth_uri": "https://accounts.google.com,"token_uri": "https://oauth.googleap,"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth/v1/certs","client_x509_cert_url": "https://www.googleapis.com/v1"}
I need to create, among other items, an SQL instance on the google cloud platform. I am required to create the database using Jinja files.
My Yaml file
imports:
- path: companyInstance.jinja
resources:
# Creates a database instance
- name: dbinstance11
type: companyInstance.jinja
My companyInstance.jinja
resources:
- name: test
type: sqladmin.v1beta4.instance
properties:
zone: europe-west1
settings:
- tier: db-custom-4-15360
Currently, this should all work as far as I can tell but on a full deployment, I get an error message claiming that type is given an array type instead of object.
The full error is below:
ERROR: (gcloud.deployment-manager.deployments.create) Error in Operation [operation-169876402531-756fgfg342844d-6gd6ebb6-8bb655a]: errors:
- code: CONDITION_NOT_MET
location: /deployments/dep/resources/test->$.properties
message: |
error: instance type (array) does not match any allowed primitive type (allowed: ["object"]) level: "error"
schema: {"loadingURI":"#","pointer":"/schemas/Settings"}
instance: {"pointer":"/settings"}
domain: "validation"
keyword: "type"
found: "array"
expected: ["object"]
I would like to export a value from a stack that I am running and then import it into another stack as sorta a "global" parameter, so that I can manipulate it and use it for an S3 bucket name. I already know that I can accomplish importing the value individually on a line within a resource using something like:
{ "Fn::ImportValue" : { "Fn::Sub" : "${StackName}-ParameterName" } }
But is there a way to import it into my Parameters section?
Thanks for any help
But is there a way to import it into my Parameters section?
There is no such option. The closest you could get would be to save your global values in SSM Parameter Store and use dynamic references in CloudFormation as Default values in your Parameters.
There are two ways to achieve this
Use SSM Parameter Store, store the value from the source stack to SSM parameter store
BasicParameter:
Type: AWS::SSM::Parameter
Properties:
Name: AvailabilityZone
Type: String
Value:
Ref: AvailabilityZone
and then reference the value directly into the parameters section like below:
---
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
...
AvailabilityZone:
Description: Amazon EC2 instance Availablity Zone
Type: AWS::SSM::Parameter::Value<String>
Default: AvailabilityZone
Mappings: {}
Conditions: {}
Resources:
myinstance:
Type: AWS::EC2::Instance
Properties:
AvailabilityZone:
Ref: AvailabilityZone
...
The full example can be found here
You consume the output from the source stack and pass them to the destination stack while launching the stack.
Source stack output configured
Outputs:
InstanceID:
Description: The Instance ID
Value: !Ref EC2Instance
Consumer them in the destination stack:
aws \
--region us-east-1 \
cloudformation deploy \
--template-file cfn.yml \
--stack-name mystack \
--no-fail-on-empty-changeset \
--tags Application=awesomeapp \
--parameter-overrides \
"Somevar=OUTUT_FROM_SOURCE_STACK"
I'm writing AWS CloudFormation template (using yaml) which creates AWS Service Catalog Product.
I'm getting the template for the product using parameter S3FilePath which has a value like the above path: https://bucket.s3-eu-west-1.amazonaws.com/template.yml.
The URL to the file needs to be send in a JSON format as shown here (this example works):
Resources:
Type: AWS::ServiceCatalog::CloudFormationProduct
Properties:
Description: Example Product
Distributor: xyz
Name: ExampleProduct
Owner: xyz
ProvisioningArtifactParameters:
- Description: Example Product
Info: { "LoadTemplateFromURL": "https://bucket.s3-eu-west-1.amazonaws.com/template.yml" }
Name: Version1
I tried to replace the URL using !Sub and !Ref as shown below:
Parameters:
S3FilePath:
Type: String
Description: file name
Resources:
Type: AWS::ServiceCatalog::CloudFormationProduct
Properties:
Description: Example Product
Distributor: xyz
Name: ExampleProduct
Owner: xyz
ProvisioningArtifactParameters:
- Description: Example Product
Info: !Sub
- '{ "LoadTemplateFromURL": "${FILEPATH}" }'
- {FILEPATH: !Ref S3FilePath}
Name: Version1
But the CloudFormation stack fails with the error: "invalid input".
I guess I am building the JSON in a wrong way, I tried to use \ before each ' " ' but it didn't help either and I couldn't find an example which explain how to build this correctly. There is no problem with the S3FilePath parameter.
Can you please advice how to use the !Sub and !Ref correctly to build the JSON? Thanks.
Here is an example: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-sub.html#w2ab1c25c28c59c11
Despite the documentation saying the Info parameter is JSON, the example shows just a name/value pair (Map): https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-servicecatalog-cloudformationproduct-provisioningartifactproperties.html
Try formatting your string as
Info: !Sub
- "LoadTemplateFromURL": "${FILEPATH}"
- {FILEPATH: !Ref S3FilePath}
You can reference any Parameters or LogicalResourceId directly inside a !Sub like so:
ProvisioningArtifactParameters:
- Description: Example Product
Info: !Sub '{ "LoadTemplateFromURL": "${S3FilePath}" }'
Name: Version1
This should work totally fine. The way you were doing substitutions is useful when you want to use conditions and/or mapping inside a !Sub.
I think it should be simply:
ProvisioningArtifactParameters:
- Description: Example Product
Info:
LoadTemplateFromURL: !Ref S3FilePath
Name: Version1
This is at least what I have in my own AWS::ServiceCatalog::CloudFormationProduct templates.
ProvisioningArtifactParameters:
- DisableTemplateValidation: false
Info:
LoadTemplateFromURL: !Ref S3FilePath
I get this error whenever I launch my stack
(Network interfaces and an instance-level security groups may not be
specified on the same request (Service: AmazonEC2; Status Code: 400;
Error Code: InvalidParameterCombination; Request ID:....))
and the status in Aws console is: ROLLBACK_COMPLETE
How I can solve this error?
EC2Instance:
Type: 'AWS::EC2::Instance'
Properties:
SecurityGroups:
- !Ref SecurityGroup
KeyName : !Ref EC2Key
AvailabilityZone: us-east-2a
ImageId: ami-01410f0e8f8b1acca
InstanceType: t2.micro
NetworkInterfaces:
- DeviceIndex: '0'
SubnetId: !Ref PublicSubnet
Is there a specific reason why you want to specify network interface?
If all you need to accomplish is to deploy the instance into the specific subnet, just drop the NetworkInterfaces part and specify the subnet for the instance itself.
EC2Instance:
Type: 'AWS::EC2::Instance'
Properties:
SecurityGroups:
- !Ref SecurityGroup
KeyName : !Ref EC2Key
AvailabilityZone: us-east-2a
ImageId: ami-01410f0e8f8b1acca
InstanceType: t2.micro
SubnetId: !Ref PublicSubnet