部署包含全局资源的多区域CloudFormation堆栈的正确方法是什么? [英] What is the proper way to deploy a multi-region CloudFormation stack that includes global resources?
问题描述
我有一个cloudformation堆栈模板,该模板包含区域资源(lambda,api,主题等)和全局资源(用户,策略,route53,cloudfront,dynamodb全局表等),并希望将其部署到多个区域在同一AWS帐户中。
I have a cloudformation stack template that includes regional resources (lambdas, api, topics, etc.) and global resources (user, policies, route53, cloudfront, dynamodb global tables, etc.) and want to deploy it to multiple region in the same AWS account.
我无法直接在多个区域中部署此堆栈模板,因为在首次创建后便已经存在全局资源。
I can't directly deploy this stack template in multiple region because global resources will already exist after the first creation.
我知道我可以将所有内容拆分为两个单独的堆栈模板,但我希望避免这种情况,并将所有内容都保留在同一单个堆栈模板中。
I know I could split everything in two separate stack templates but I would prefer to avoid this and keep everything in the same single stack template.
我看到我可能可以使用CF 条件 +仅在首次创建时切换全局资源创建的参数,但这看起来不太好...
I saw that I could probably use CF Conditions + Parameters to toggle global resource creation only on first creation but that doesn't look very good...
我想知道是否我可以利用某些CloudFormation功能(例如StackSets或其他功能)来实现这一目标。
I was wondering if I could leverage some CloudFormation feature like StackSets or something else to achieve that.
关于实现此目标的正确方法的任何想法?
Any idea on what would be the proper way to do this?
推荐答案
解决方案就在您手中。我建议您执行以下操作:
The solution is at your hands. I suggest that you do the following:
- 为全局资源创建一个单独的模板(是的,我知道您不喜欢它,但根据我的经验来看效果很好)
- 使用 AWS :: SSM :: Parameter
- 部署区域堆栈并取消引用全局资源(使用参数,例如
AWS :: SSM :: Parameter :: Value< String>或动态参考,例如{{resolve:ssm:S3AccessControl:2}})
- Create a separate template for the global resources (yes, I know that you don't like it, but it works well in my experience)
- Store references to the shared global resources in SSM using AWS::SSM::Parameter
- Deploy regional stacks and de-reference the global resources (either using Parameters, such as the
AWS::SSM::Parameter::Value<String>or dynamic reference, e.g.{{resolve:ssm:S3AccessControl:2}})
您可以使用 StackSets 用于您的区域堆栈部署,或者创建一个参数化的构建脚本,该脚本一次部署一个区域堆栈(可以在本地执行,或者最好由您的CI / CD服务器执行)。
You can use either StackSets for your regional stack deployments or create a parameterized build script that deploys the regional stacks one at the time (to be executed either locally or preferably by your CI/CD server).
这篇关于部署包含全局资源的多区域CloudFormation堆栈的正确方法是什么?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
