Sha*_*hah 2 amazon-web-services aws-cloudformation
我有下面的 CloudFormation 模板,主要创建一个 Secrets 和一个 EC2。我想更改 EC2 中的一些配置文件,并且需要使用用户数据将 Secrets 中的值放入变量中,但我无法从 Secrets 中获取值。你能帮我解决我的代码吗
AWSTemplateFormatVersion: 2010-09-09
Description: builds secretsManager and ec2
Parameters:
EnvironmentName:
Type: String
SharedVpcID:
Type: AWS::EC2::VPC::Id
SharedPubSubnetID1:
Type: AWS::EC2::Subnet::Id
SharedPubSubnetID2:
Type: AWS::EC2::Subnet::Id
PrivateSubnetId:
Type: AWS::EC2::Subnet::Id
SecretValue:
Type: String
Default: "{{resolve:secretsmanager:${SecretsManager}:SecretString:password}}"
Resources:
SharedVPCDefaultSecurityGroup:
Type: AWS::CloudFormation::Stack
Properties:
TemplateURL: https://advanced-artefacts.s3-eu-west-1.amazonaws.com/internal/templates/sg/securitygroup.yaml
Parameters:
EnvironmentName: !Ref EnvironmentName
VPCID: !Ref SharedVpcID
SecretsManager:
Type: AWS::SecretsManager::Secret
Properties:
Description: 'This is my rds instance secret'
GenerateSecretString:
SecretStringTemplate: '{"username": "admin"}'
GenerateStringKey: 'password'
PasswordLength: 16
ExcludeCharacters: '"@/\'
WebInstance:
Type: AWS::EC2::Instance
Properties:
InstanceType: t2.micro
ImageId: ami-08b993f76f42xxxxx
NetworkInterfaces:
- AssociatePublicIpAddress: true
DeviceIndex: "0"
GroupSet:
- !GetAtt SharedVPCDefaultSecurityGroup.Outputs.DefaultSecurityGroup
SubnetId: !Ref SharedPubSubnetID1
KeyName: xxx
UserData:
Fn::Base64: !Sub |
#!/bin/bash -xe
PasswordStr1='{{resolve:secretsmanager:${SecretsManager}:SecretString:password}}'
export $PasswordStr1
sudo echo $PasswordStr1
PasswordStr2={SecretValue}
export $PasswordStr2
sudo echo $PasswordStr2
| 归档时间: |
|
| 查看次数: |
2113 次 |
| 最近记录: |