CloudFormation Magic从帐户ID列表生成ARN列表 [英] CloudFormation Magic to Generate A List of ARNs from a List of Account Ids

问题描述

在我的模板中，我传递了帐户ID的 CommaDelimitedList 作为参数。

In my template, I am passing a CommaDelimitedList of account ids as a parameter.

我希望做一些 Fn :: Join 和/或 Fn :: Sub 使用魔术来转换列表，如下所示：

I am hoping to do some Fn::Join and/or Fn::Sub magic to transform the list as follow:

 "Accounts" : {
     "Type" : "CommaDelimitedList",
     "Default" : "12222234,23333334,1122143234,..."
}

To be used in the template as a list `root` ARN's as :
 [
   "arn:aws:iam::12222234:root"
   "arn:aws:iam::23333334:root"
   "arn:aws:iam::1122143234:root"
 ]

现在我正在传递完整的ARN ，因此它可以正常工作，但是很笨拙。但是事实证明，CFN内置函数很难做到这一点。

Right now I am passing in the full ARNs, so it's working, but it is kluncky. However the CFN built in functions are proving very hard at doing this.

任何人都可以为这样的代码准备好吗？

Any one have ready code for something like this?

推荐答案

我能够使用Sam Hammamy修改现有答案，以解决使用 Fn对头项和尾项进行特殊处理的局限性： ：Sub 。您还可以将两个 Join s组合在一起。

I was able to adapt the existing answer by Sam Hammamy to work around the limitation of requiring special handling for the first and last items by using Fn::Sub. You can also combine two of the Joins.

在YAML中：

AWS: !Split
  - ','
  - !Sub
    - 'arn:aws:iam::${inner}:root'
    - inner: !Join
      - ':root,arn:aws:iam::'
      - Ref: "Accounts"

，并使用JSON：

"Fn::Split": [
    ",", 
    {
        "Fn::Sub": [
            "arn:aws:iam::${rest}:root", 
            {
                "rest": {
                    "Fn::Join": [
                        ":root,arn:aws:iam::", 
                        { "Ref": "Accounts" }
                    ]
                }
            }
        ]
    }
]

这篇关于CloudFormation Magic从帐户ID列表生成ARN列表的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！