For example, I have this CF template that ask for these parameters
----- cftemplate.yaml -----
...
Parameters:
**Subnet:
Description: Subnet for the Instance
Type: 'AWS::EC2::Subnet::Id'
SecurityGroups:
Description: Security Group for Instance
Type: 'List<AWS::EC2::SecurityGroup::Id>'**
...
Resources:
EC2Instance:
Type: AWS::EC2::Instance
Properties:
...
**SubnetId: !Ref Subnet
SecurityGroupIds: !Ref SecurityGroups**
...
----- cftemplate.yaml -----
For me to deploy the stack, I use this command:
aws cloudformation create-stack --stack-name StackName --template-body file://cftemplate.yaml --parameters file://params.json
Where params.json contains:
----- params.json -----
[
{
"ParameterKey":"Subnet",
"ParameterValue":"subnet-11111111"
},
{
"ParameterKey":"SecurityGroups",
"ParameterValue":"sg-111111111",
"ParameterValue":"sg-222222222"
}
]
----- params.json -----
Now, my goal is to eliminate the use of .json file. Does anyone know the shorthand syntax of the command that should achieve the same effect as above command? Can't seem to find this on the documentations online. Thanks in advance!
The command line equivalent would be (little re-formatted for clarify):
aws cloudformation create-stack \
--stack-name StackName \
--template-body file://cftemplate.yaml \
--parameters ParameterKey=Subnet,ParameterValue=subnet-11111111 ParameterKey=SecurityGroups,ParameterValue=sg-111111111\\,sg-222222222
In the above attention to spaces and commas are important.
I verified the command using my own parameters and my sandbox account:
aws cloudformation create-stack --stack-name StackName --template-body file://instance.yaml --parameters ParameterKey=Subnet,ParameterValue=subnet-0ae6ce0f9bbf52251 ParameterKey=SecurityGroups,ParameterValue=sg-06d2a3e9c8aa99620\\,sg-004d23d188ec1146f
which is correct and results in starting the process of deploying the stack:
{
"StackId": "arn:aws:cloudformation:us-east-1:xxxxxx:stack/StackName/61fbacd0-d3b0-11ea-970a-0ad23187ddb2"
}
From the cli documentation,
$ aws cloudformation create-stack help
...
"--parameters" (list)
A list of "Parameter" structures that specify input parameters for
the stack. For more information, see the Parameter data type.
Shorthand Syntax:
ParameterKey=string,ParameterValue=string,UsePreviousValue=boolean,ResolvedValue=string ...
JSON Syntax:
[
{
"ParameterKey": "string",
"ParameterValue": "string",
"UsePreviousValue": true|false,
"ResolvedValue": "string"
}
...
]
...
where the list elements are separated by space.
you might want to take a look at the rain cli. It's developed but someone from the cloudformation team and it's much better than the aws cli.
https://github.com/aws-cloudformation/rain
Related
I tried to create a container group and want to push those container logs in Loganalytics.
apiVersion: 2019-12-01
location: eastus2
name: mycontainergroup003
properties:
containers:
- name: mycontainer003
properties:
environmentVariables: []
image: fluent/fluentd
ports: []
resources:
requests:
cpu: 1.0
memoryInGB: 1.5
osType: Linux
restartPolicy: Always
diagnostics:
logAnalytics:
workspaceId: /subscriptions/f446b796-978f-4fa0-8462-......../resourcegroups/v_deployment-docker_us/providers/microsoft.operationalinsights/workspaces/deployment-docker-logs
workspaceKey: nEZSOUGe1huaCksRB2ahsFz/ibcaQr3WPdAHiLc............
tags: null
type: Microsoft.ContainerInstance/containerGroups
Now whenever I try to run :
az container create --resource-group rg-deployment-docker --name mycontainergroup003 --file .\azure-deploy-aci.yaml
then I would get the error as :
(InvalidLogAnalyticsWorkspaceId) The log analytics setting is invalid. WorkspaceId contains invalid character, e.g. '/', '.', etc.
Code: InvalidLogAnalyticsWorkspaceId
Message: The log analytics setting is invalid. WorkspaceId contains invalid character, e.g. '/', '.', etc.
Now I wish to create such parameter type with the help of parameter json file as mentioned in the URL:
https://learn.microsoft.com/en-us/azure/azure-monitor/logs/resource-manager-workspace
{
"$schema": "https://schema.management.azure.com/schemas/2019-08-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"workspaceId": {
"type": "string"
}
},
}
Now I would run the below command:
az container create --resource-group rg-deployment-docker --name mycontainergroup003 --file .\azure-deploy-aci.yaml --parameters parameters.json
but getting the error as :
unrecognized arguments: --parameters parameters.json
It seems such arguments are invalid with az container create command. Can someone please suggest an alternate.
You need to pass the log analytics workspace GUID instead of passing the entire ResourceId in your Yaml file and also As per the documentation az container create cmdlet doesn't have any parameter to pass --parameterflag.
Post making the above changes, i am able to deploy the container without any issues.
Here is the sample screenshot output for reference:
I am new to AzureCLI script. I request some guidance here:
Please find the secret(masked value) from my Azure key vault.
{
"**attributes**": {
"created": "2021-10-23T04:26:19+00:00",
"enabled": true,
"id": "https://app-kv-axderfctt.vault.azure.net/secrets/connectionstr/cbcncbc",
"name": "connectionstr",
"**value**": "\"{\\\"eventHubNameSpace\\\":\\\"Pji-11111111-132d-46f7-af0f-aq1234\\\",\\\"eventHubName\\\":\\\"pipeline-swswsw-fb95-4e16-8364-oiu8ikji\\\",\\\"**ConnectionString**\\\":\\\"Endpoint=sb://pji-uit8tihj-132d-46f7-af0f-89897899.servicebus.windows.net/;SharedAccessKeyName=343456-ddddd-4720-b3db-oi89087;SharedAccessKey=xxxx+xxxxxxxx=;EntityPath=pipeline-ttrgfrtyh-fb95-4e16-8364-897uy678i\\\"}\""
I am able to get the complete value but not the specific property(ConnectionString) using below command
CONNECTION_STRING=$(az keyvault secret show --vault-name ${{ parameters.KeyVault }} --name ${{ parameters.SecretName}}--query 'value.ConnectionString')
echo "$CONNECTION_STRING"
I get below error:
ERROR: incorrect usage: [Required] --value VALUE | --file PATH
Please advise on how to extract ConnectionString value excluding EntityPath by escaping slashes \\\.
Thanks in advance.
I resolved this issue using jq library
task: Bash#3
displayName: "Parse WarmRepo Connection String"
inputs:
targetType: 'inline'
script: |
# Parse WarmRepo Connection String
echo 'Parse WarmRepo Connection String'
#Refer https://stedolan.github.io/jq/ to know about jq queries
PipelineConnectionString=`jq -r '.ConnectionString' <<<'$(${{ parameters.StreamingPipelineName }}-EventHub-connectionString)'`
I would like to export a value from a stack that I am running and then import it into another stack as sorta a "global" parameter, so that I can manipulate it and use it for an S3 bucket name. I already know that I can accomplish importing the value individually on a line within a resource using something like:
{ "Fn::ImportValue" : { "Fn::Sub" : "${StackName}-ParameterName" } }
But is there a way to import it into my Parameters section?
Thanks for any help
But is there a way to import it into my Parameters section?
There is no such option. The closest you could get would be to save your global values in SSM Parameter Store and use dynamic references in CloudFormation as Default values in your Parameters.
There are two ways to achieve this
Use SSM Parameter Store, store the value from the source stack to SSM parameter store
BasicParameter:
Type: AWS::SSM::Parameter
Properties:
Name: AvailabilityZone
Type: String
Value:
Ref: AvailabilityZone
and then reference the value directly into the parameters section like below:
---
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
...
AvailabilityZone:
Description: Amazon EC2 instance Availablity Zone
Type: AWS::SSM::Parameter::Value<String>
Default: AvailabilityZone
Mappings: {}
Conditions: {}
Resources:
myinstance:
Type: AWS::EC2::Instance
Properties:
AvailabilityZone:
Ref: AvailabilityZone
...
The full example can be found here
You consume the output from the source stack and pass them to the destination stack while launching the stack.
Source stack output configured
Outputs:
InstanceID:
Description: The Instance ID
Value: !Ref EC2Instance
Consumer them in the destination stack:
aws \
--region us-east-1 \
cloudformation deploy \
--template-file cfn.yml \
--stack-name mystack \
--no-fail-on-empty-changeset \
--tags Application=awesomeapp \
--parameter-overrides \
"Somevar=OUTUT_FROM_SOURCE_STACK"
When I want to exctract the current value of some container env variabe I could use jsonpath with syntax like:
kubectl get pods -l component='somelabel' -n somenamespace -o \
jsonpath='{.items[*].spec.containers[*].env[?(#.name=="SOME_ENV_VARIABLE")].value}')
That will return me the value of env varialbe with the name SOME_ENV_VARIABLE. Pod section with container env variables in json will look like this:
"spec": {
"containers": [
{
"env": [
{
"name": "SOME_ENV_VARIABLE",
"value": "some_value"
},
{
"name": "ANOTHER_ENV_VARIABLE",
"value": "another_value"
}
],
When I want to patch some value in my deployment I'm using commands with syntax like:
kubectl -n kube-system patch svc kubernetes-dashboard --type='json' -p="[{'op': 'replace', 'path': '/spec/ports/0/nodePort', 'value': $PORT}]"
But how can I patch a variable with 'op': 'replace' in cases where I need to use expression like env[?(#.name=="SOME_ENV_VARIABLE")]? Which syntax I should use?
Rather than kubectl patch command, you can make use of kubectl set env to update environment variable of k8s deployment.
envvalue=$(kubectl get pods -l component='somelabel' -n somenamespace -o jsonpath='{.items[*].spec.containers[*].env[?(#.name=="SOME_ENV_VARIABLE")].value}')
kubectl set env deployment/my-app-deploy op=$envvalue
Hope this helps.
Most of them haven't provide proper commands just use as simple as it is =>
kubectl set env deployment/deploy_name APP_VERSION=value -n namespace
op: replace
path: /spec/template/spec/containers/0/env/0/name
value: YOUR_VARIABLE_NAME
op: replace
path: /spec/template/spec/containers/0/env/0/value
value: YOUR_VARIABLE_VALUE
I am trying to add SNS topic to a s3 bucket and I am using the aws cli command to apply a notification configuration to s3bucket called 'test'
I am passing the SNS topic configuration as a json string and when I try to print the json string its printing the json value correctly but somehow aws cli add commas to the json string.
inputevent.sh:
#!/bin/bash
bucketName=test
jsonInput=file:///Users/ish/GitLabProject/validator-cf/inputevent.json
QueueArn="arn:aws:sns:us-east-1:255353535355:SNSTopic"
template='{ "TopicConfigurations": { "Event": "s3:ObjectCreated:*", "Queue": "%s" } }'
TopicConfiguration=$(printf "$template" "$QueueArn")
echo "$TopicConfiguration"
aws s3api put-bucket-notification-configuration --bucket $bucketName --notification-configuration $TopicConfiguration
Error:
{ "TopicConfigurations": { "Event": "s3:ObjectCreated:*", "Queue": "arn:aws:sns:us-east-1:255353535355:SNSTopic" } }
usage: aws [options] <command> <subcommand> [<subcommand> ...] [parameters]
To see help text, you can run:
aws help
aws <command> help
aws <command> <subcommand> help
Unknown options: {, "Event":, "s3:ObjectCreated:*",, "Queue":, "arn:aws:sns:us-east-1:255353535355:SNSTopic", }, }, "TopicConfigurations":
Check your template variable.
Based on the docs, the TopicConfigurations in the --notification-configuration should be an array (since you can have multiple notifications)
Try updating the template variable in your bash script to something like
template='{ "TopicConfigurations": [{ "Event": "s3:ObjectCreated:*", "Queue": "%s" }] }'
Can check the examples to get a better idea