将变量从 NodeJS 运行时传递回 CloudFormation
Pass variable from NodeJS runtime back into CloudFormation
我有一个 CF 模板,它使用 Javascript 中的无服务器函数来实例化 AWS Connect 实例,因为 Connect 没有实际的 CF 资源。我使用环境变量将值从 CF 传递到内联 Javascript。现在我需要反过来:从 JS 中提取一些值并将它们传递回 CF 模板的其他部分。所以,问题是,如何将变量从 Javascript 传递到 CloudFormation?我怀疑我需要使用类似 Systems Manager Parameter store 的东西,但也许有更简单的方法?具体来说,我需要以下代码片段中的值“serviceRole”可传递给其他 CF 资源:
CreateConnectInstance:
Type: AWS::Serverless::Function
Properties:
Handler: index.handler
Runtime: nodejs12.x
Description: Invoke a function to create an AWS Connect instance.
MemorySize: 128
Timeout: 8
Role: !GetAtt LambdaExecutionRole.Arn
Tracing: Active
Layers:
- !Sub "arn:aws:lambda:us-east-1:${AWS::AccountId}:layer:node_sdk:1"
Environment:
Variables:
IdentityManagementType:
Ref: IdentityManagementType
InboundCallsEnabled:
Ref: InboundCallsEnabled
InstanceAlias:
Ref: InstanceAlias
OutboundCallsEnabled:
Ref: OutboundCallsEnabled
Region:
Ref: Region
#Optional Values
ClientToken: !If
- HasClientToken
- !Ref ClientToken
- !Ref "AWS::NoValue"
DirectoryId: !If
- HasClientToken
- !Ref ClientToken
- !Ref "AWS::NoValue"
InlineCode: |
var AWS = require('aws-sdk');
var response = require('cfn-response');
var connect = new AWS.Connect({apiVersion: '2017-08-08', region: process.env.Region});
exports.handler = (event, context) => {
console.log("Request Received:\n" + JSON.stringify(event));
var instanceId;
var serviceRole;
var isInboundCallsEnabled = (process.env.InboundCallsEnabled == 'true');
var isOutboundCallsEnabled = (process.env.OutboundCallsEnabled == 'true');
var params = {
InboundCallsEnabled: isInboundCallsEnabled,
OutboundCallsEnabled: isOutboundCallsEnabled,
IdentityManagementType: process.env.IdentityManagementType,
ClientToken: process.env.ClientToken,
DirectoryId: process.env.DirectoryId,
InstanceAlias: process.env.InstanceAlias
};
connect.createInstance(params, function (err, data) {
if (err) {
let responseData = { Error: "Create Instance Failed" };
console.log(responseData.Error + ":\n", err);
response.send(event, context, "FAILED", responseData);
instanceId = data.Id;
}
else {
console.log("Connect Instance Creation Successful");
console.log(JSON.stringify(data));
response.send(event, context, "SUCCESS", data);
}
});
connect.describeInstance({InstanceId: instanceId}, function (err,data) {
console.log(JSON.stringify(data));
serviceRole = data.Instance.ServiceRole; // ***NEED TO EXTRACT THIS VALUE to CF***
});
}
它在同一模板中被调用:
InvokeLambda:
Type: AWS::CloudFormation::CustomResource
DependsOn: CreateConnectInstance
Version: "1.0"
Properties:
ServiceToken: !Sub ${CreateConnectInstance.Arn}
向 CloudFormation 发送“SUCCESS”响应时,您可以使用 Data field of the response object to pass the Service Role as a key-value pair. This way, all resources that are created after the Custom Resource can access this information using Fn::GetAtt. From the docs:
After getting a SUCCESS response, AWS CloudFormation proceeds with the
stack operation. If a FAILED response or no response is returned, the
operation fails. Any output data from the custom resource is stored in
the pre-signed URL location. The template developer can retrieve that
data by using the Fn::GetAtt function.
我有一个 CF 模板,它使用 Javascript 中的无服务器函数来实例化 AWS Connect 实例,因为 Connect 没有实际的 CF 资源。我使用环境变量将值从 CF 传递到内联 Javascript。现在我需要反过来:从 JS 中提取一些值并将它们传递回 CF 模板的其他部分。所以,问题是,如何将变量从 Javascript 传递到 CloudFormation?我怀疑我需要使用类似 Systems Manager Parameter store 的东西,但也许有更简单的方法?具体来说,我需要以下代码片段中的值“serviceRole”可传递给其他 CF 资源:
CreateConnectInstance:
Type: AWS::Serverless::Function
Properties:
Handler: index.handler
Runtime: nodejs12.x
Description: Invoke a function to create an AWS Connect instance.
MemorySize: 128
Timeout: 8
Role: !GetAtt LambdaExecutionRole.Arn
Tracing: Active
Layers:
- !Sub "arn:aws:lambda:us-east-1:${AWS::AccountId}:layer:node_sdk:1"
Environment:
Variables:
IdentityManagementType:
Ref: IdentityManagementType
InboundCallsEnabled:
Ref: InboundCallsEnabled
InstanceAlias:
Ref: InstanceAlias
OutboundCallsEnabled:
Ref: OutboundCallsEnabled
Region:
Ref: Region
#Optional Values
ClientToken: !If
- HasClientToken
- !Ref ClientToken
- !Ref "AWS::NoValue"
DirectoryId: !If
- HasClientToken
- !Ref ClientToken
- !Ref "AWS::NoValue"
InlineCode: |
var AWS = require('aws-sdk');
var response = require('cfn-response');
var connect = new AWS.Connect({apiVersion: '2017-08-08', region: process.env.Region});
exports.handler = (event, context) => {
console.log("Request Received:\n" + JSON.stringify(event));
var instanceId;
var serviceRole;
var isInboundCallsEnabled = (process.env.InboundCallsEnabled == 'true');
var isOutboundCallsEnabled = (process.env.OutboundCallsEnabled == 'true');
var params = {
InboundCallsEnabled: isInboundCallsEnabled,
OutboundCallsEnabled: isOutboundCallsEnabled,
IdentityManagementType: process.env.IdentityManagementType,
ClientToken: process.env.ClientToken,
DirectoryId: process.env.DirectoryId,
InstanceAlias: process.env.InstanceAlias
};
connect.createInstance(params, function (err, data) {
if (err) {
let responseData = { Error: "Create Instance Failed" };
console.log(responseData.Error + ":\n", err);
response.send(event, context, "FAILED", responseData);
instanceId = data.Id;
}
else {
console.log("Connect Instance Creation Successful");
console.log(JSON.stringify(data));
response.send(event, context, "SUCCESS", data);
}
});
connect.describeInstance({InstanceId: instanceId}, function (err,data) {
console.log(JSON.stringify(data));
serviceRole = data.Instance.ServiceRole; // ***NEED TO EXTRACT THIS VALUE to CF***
});
}
它在同一模板中被调用:
InvokeLambda:
Type: AWS::CloudFormation::CustomResource
DependsOn: CreateConnectInstance
Version: "1.0"
Properties:
ServiceToken: !Sub ${CreateConnectInstance.Arn}
向 CloudFormation 发送“SUCCESS”响应时,您可以使用 Data field of the response object to pass the Service Role as a key-value pair. This way, all resources that are created after the Custom Resource can access this information using Fn::GetAtt. From the docs:
After getting a SUCCESS response, AWS CloudFormation proceeds with the stack operation. If a FAILED response or no response is returned, the operation fails. Any output data from the custom resource is stored in the pre-signed URL location. The template developer can retrieve that data by using the Fn::GetAtt function.