Construct parameters in AWS CloudFormation - amazon-web-services

I'm trying to !Ref from one parameter to another in CloudFormation. I tried several things but it just doesn't seem to work.
UserID:
  Description: "Enter the user ID provided by your organization"
  Type: String
  AllowedPattern: ".+"
Date:
  Description: "Enter the Date in YYYYMMDD format"
  Type: String
  AllowedPattern: ".+"
AccountName:
I would like to construct AccountName using UserID and Date entered by the user. Can someone please help?
Suppose user enters abcd01 and 20201124 --> I want the account name to be automatically abcd01-20201124

Instead of another Parameter, use Sub wherever you need that combined value:
!Sub ${UserID}-${Date}

Related

Regex - Match line but with exception (! hyphen)

I'm trying to filter the event log based on regex but I'm unable to figure it out yet.
Scenario 1): I want to match the full line starting with Account Name but I don't want to match the line if it has - (hyphen) only that. But it should match -test-user.
I tried (Account Name:.*(!-).*) but it isn't working.
Content:
Account Name: -
Account Name: testing
Scenario 2): I want to try matching the second Account name line with or without hyphen in the Account For Which Logon Failed section and not from Subject section.
I tried (Account Name:.*){2} but it isn't working.
Content:
Account Name: -
Account Name: testing
Scenario 3): Combine both scenarios. Match the second Account name line, but only if it has no - (hyphen). If the second Account name has only a hyphen then don't match anything, but it should match -test-user.
I'm trying to learn here, that's why I want to figure out all three scenarios. Eventually I'll use only the last one.
Here is the full content:
Subject:
    Security ID: NULL SID
    Account Name: -
    Account Domain: -
    Logon ID: 0x0
Logon Type: 3
Account For Which Logon Failed:
    Security ID: NULL SID
    Account Name: testing
See if this answers your question
/Account Name:\s*[^-][a-z]+$/gm
You can find the working example here
If you want to match all the special characters excluding - then you can use
/Account Name:\s*[a-zA-Z0-9~##$^&*()_+=[\]{}|\\,.?:<>'"\/;`%]+.*$/gm
You can include any special character in the list that you want inside []
updated example
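
The three scenarios from the question, as an added Python example that is not part of the original posts. The sample message is constructed (tab-indented with CRLF line ends, modelled on the content quoted in the question), and the function and constant names are illustrative.

```python
import re

# Rejects a value that is only "-" (optionally padded); "-test-user" passes.
# The lookahead sits before the whitespace so backtracking cannot let " -" through.
NOT_LONE_HYPHEN = r"(?![ \t]*-[ \t]*\r?$)"
# The tempered dot cannot step over an "Account Name:" label, so only the first
# such line after the failed-logon header is ever considered.
FAILED_HDR = r"Account For Which Logon Failed:(?:(?!Account Name:).)*Account Name:"

# Scenario 1: every "Account Name:" line whose value is not a lone hyphen.
SCENARIO_1 = re.compile(
    r"^[ \t]*Account Name:" + NOT_LONE_HYPHEN + r"[ \t]*(\S[^\r\n]*)", re.M)
# Scenario 2: the account name in the failed-logon section, hyphen or not.
SCENARIO_2 = re.compile(FAILED_HDR + r"[ \t]*([^\r\n]*)", re.S)
# Scenario 3: as scenario 2, but no match at all when the value is a lone hyphen.
SCENARIO_3 = re.compile(
    FAILED_HDR + NOT_LONE_HYPHEN + r"[ \t]*(\S[^\r\n]*)", re.S | re.M)

# Constructed sample message; {name} is the failed-logon account name.
SAMPLE = (
    "Subject:\r\n"
    "\tSecurity ID:\t\tNULL SID\r\n"
    "\tAccount Name:\t\t-\r\n"
    "\tAccount Domain:\t\t-\r\n"
    "\tLogon ID:\t\t0x0\r\n"
    "Logon Type:\t\t\t3\r\n"
    "Account For Which Logon Failed:\r\n"
    "\tSecurity ID:\t\tNULL SID\r\n"
    "\tAccount Name:\t\t{name}\r\n"
    "\tAccount Domain:\t\t\r\n"
)


def named_accounts(message):
    """Scenario 1: values of all Account Name lines that are not just '-'."""
    return [value.strip() for value in SCENARIO_1.findall(message)]


def failed_account(message, require_name=False):
    """Scenario 2, or scenario 3 when require_name is True; None if no match."""
    match = (SCENARIO_3 if require_name else SCENARIO_2).search(message)
    return match.group(1).strip() if match else None


if __name__ == "__main__":
    for name in ("testing", "-", "-test-user"):
        msg = SAMPLE.format(name=name)
        print(name, named_accounts(msg), failed_account(msg, require_name=True))
```
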

Dynamically attach event names in cloudwatch event rule cloudformation

Here is my CloudFormation template, which passes the event pattern to the sub stack, which in fact creates the rule depending on the event data.
cloudwatchRule:
  Type: AWS::CloudFormation::Stack
  Properties:
    TemplateURL: !Sub "${s3Path}/cw-rule.yml"
    Parameters:
      eventPattern: !Join
        - ' '
        - - '{"source":["aws.iam"],"detail-type":["AWS API Call via CloudTrail"],"detail":{"eventSource":["iam.amazonaws.com"],"eventName":['
          - Fn::Split:
              - ','
              - !Sub ${ssmParamWhichContainsEventNames}
          - ']}}'
      ruleState: "ENABLED"
# The value of ssmParamWhichContainsEventNames is of format
# "CreateServiceSpecificCredential,DeactivateMFADevice"
When I run this I get the following error
Template error: every Fn::Join object requires two parameters, (1) a string delimiter and (2) a list of strings to be joined or a function that returns a list of strings (such as Fn::GetAZs) to be joined.. Rollback requested by user.
I have tried various techniques to format the order of !Join !Split !Sub
I have also tried using Fn::Join (full function format) but it keeps failing.
eventName in the eventPattern parameter expects the input in following format.
"eventName":["event1","event2","event3","event4"]
My SSM variable has event names in the format "event1,event2,event3..." To make it compatible with eventName and make the cloudwatch rule run, I'll have to transform "event1,event2,event3..." to '"event1","event2","event3"...'
One option is that I convert the SSM to my acceptable format but this is the thing I want to avoid for some reason.
Can anyone help me figure out the way to transform the "CreateServiceSpecificCredential,DeactivateMFADevice" to ' "CreateServiceSpecificCredential","DeactivateMFADevice" ' (each value enclosed within double quotes and the whole string enclosed within single quotes)?
I keep feeling that I'm not correctly writing the intrinsic functions in the above code in the correct order.
In case somebody is still looking for how to make it happen, here is the CloudFormation template piece that splits a comma-separated string and makes it into an array of individual elements to be injected into the "eventName" attribute:
cloudwatchRule:
  Type: AWS::CloudFormation::Stack
  Properties:
    TemplateURL: !Sub "${s3Path}/cw-rule.yml"
    Parameters:
      eventPattern: !Sub
        - |
          {"source":["aws.iam"],"detail-type":["AWS API Call via CloudTrail"],"detail":{"eventSource":["iam.amazonaws.com"],"eventName":[
          "${eventNames}"
          ]}}
        - eventNames: !Join
            - '","'
            - !Split
              - ','
              - !Ref ssmParamWhichContainsEventNames
      ruleState: "ENABLED"
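
A pre-deploy check for the value fed into that template, as an added Python example that is not part of the original answer: it reproduces the Split, Join and Sub steps locally and confirms the rendered eventPattern is valid JSON with clean event names, since a stray space or quote in the SSM value yields a rule that matches nothing. The function names and the alphanumeric-name rule are assumptions.

```python
import json
import re

# Body of the answer's !Sub block; the | scalar keeps the line breaks.
TEMPLATE = (
    '{"source":["aws.iam"],"detail-type":["AWS API Call via CloudTrail"],'
    '"detail":{"eventSource":["iam.amazonaws.com"],"eventName":[\n'
    '"${eventNames}"\n'
    ']}}\n'
)
# Assumption: the event names being monitored are plain alphanumeric identifiers.
EVENT_NAME = re.compile(r"[A-Za-z0-9]+")


def render_event_pattern(ssm_value):
    """Emulate !Split ',' -> !Join '","' -> !Sub on the parameter value."""
    parts = ssm_value.split(",")                      # Fn::Split
    joined = '","'.join(parts)                        # Fn::Join
    return TEMPLATE.replace("${eventNames}", joined)  # Fn::Sub


def lint_event_names(ssm_value):
    """Return (names, problems) for the pattern the nested stack would receive."""
    try:
        pattern = json.loads(render_event_pattern(ssm_value))
    except json.JSONDecodeError as exc:
        return [], ["rendered pattern is not valid JSON: " + exc.msg]
    names = pattern["detail"]["eventName"]
    problems = ["suspicious event name %r" % name
                for name in names if not EVENT_NAME.fullmatch(name)]
    return names, problems


if __name__ == "__main__":
    # Constructed inputs: the format from the question, then two malformed values.
    for value in ("CreateServiceSpecificCredential,DeactivateMFADevice",
                  "CreateUser, DeleteUser",
                  'CreateUser"'):
        print(repr(value), lint_event_names(value))
```
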

CloudFormation - set multiple default values for type of List<>

When I'm creating CloudFormation template with the use of interactive Parameters, I can define the type of List<> to be able to select multiple values, for example:
SubnetIds:
  Type: List<AWS::EC2::Subnet::Id>
  Description: Select multiple subnets from selected VPC.
  Default: "????"
or:
SecurityGroups:
  Type: List<AWS::EC2::SecurityGroup::Id>
  Description: Select security groups.
  Default: "???"
The question is how do I pre-set a default value with multiple selections, if Default takes only a string instead of a list, and a string with commas between multiple values also doesn't help?
Any ideas? Please give me a hint.
I recently ran into the same issue.
The answer is simple - there should be no spaces in your comma-separated list.
So it would look like:
SecurityGroups:
  Type: List<AWS::EC2::SecurityGroup::Id>
  Description: Select security groups.
  Default: "sg-11111111,sg-22222222"
And this way the values would be preselected in your template.
P.S. Do not try CommaDelimitedList or so - it won't work in the way you want. The string values would be selected, but not the actual security groups.
Source: https://forums.aws.amazon.com/thread.jspa?threadID=165144

Dynamic AWS Sam Schedule Event Input param

We are automating a lambda via SAM to run on a Schedule Event. We use YAML but we are unable to work out how to use !Sub to make the Input be dynamic.
If you read the SAM documentation, it says that Input needs to be a JSON formatted string.
The following code works for us:
Events:
  Event1:
    Type: Schedule
    Properties:
      Schedule: rate(1 minute)
      Input: >-
        {
          "sqsUrl": "https://sqs.12344.url",
          "snsArn": "arn:val"
        }
But we need to insert dynamic params into the Input like so:
Events:
  Event1:
    Type: Schedule
    Properties:
      Schedule: rate(1 minute)
      Input: >-
        {
          "sqsUrl": "https://sqs.${AWS::AccountId}.url",
          "snsArn": "arn:val"
        }
We have tried to do this in multiple ways, using a !Sub but the deployment always fails saying that it needs to be valid JSON.
What is the correct way to make this JSON string use variables?
Thanks,
Mark
So, you should wrap the whole Input value (in your case this is a JSON string, and of course it should be wrapped in quotes) with the !Sub function.
Then, it will look like:
Input:
  Fn::Sub: '{"sqsUrl": "https://sqs.${AWS::AccountId}.url","snsArn": "arn:val"}'
I've used something like:
!Sub |
  {
    "sqsUrl": "https://sqs.${AWS::AccountId}.url",
    "snsArn": "arn:val"
  }
The | (and >- among others) defines the way YAML handles the line breaks in the string.

AWS Cloudformation - cannot set parameters group name

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-rds-dbparametergroup.html
and
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbclusterparametergroup.html
Unless I am doing it wrong, I cannot set the parameter group's name via CF templates, while I can easily set it via the GUI and via the CLI (https://docs.aws.amazon.com/cli/latest/reference/rds/create-db-parameter-group.html). Additionally, for whatever reason, the DB cluster parameter group expects non-empty parameters.
Is there a way to pass both name and parameters via CloudFormation?
For the name, add a tag called Name. For the parameters I ended up just adding an unimportant setting set to its default value:
ParameterGroup:
  Type: AWS::RDS::DBParameterGroup
  Properties:
    ...
    Parameters:
      application_name: ''
    Tags:
      - Key: Name
        Value: "MyParameterGroupName"