AWS 侦听器 cf 模板在 aws cli 中给出错误但在控制台（设计模板）中有效

Question

我正在尝试为负载均衡器创建 2 个侦听器。

第一个 - 用于重定向的 HTTP，第二个 - 用于转发的 HTTPS。

我正在尝试通过 cf 模板实现此目的。每次我通过设计模板在控制台中执行堆栈时，它都会成功验证。但是当我使用 aws cli 尝试相同的堆栈时，出现以下错误。

An error occurred (ValidationError) when calling the CreateStack operation: Template format error: Unresolved resource dependencies [ApplicationLoadBalancer] in the Resources block of the template

以下是侦听器和 LB 的代码示例。

"ApplicationLoadBalancer": {
      "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer",
      "Condition": "NeedELB",
      "Properties": {
        "Subnets": [
          {
            "Fn::GetAtt": [
              "VpcStack",
              "Outputs.PublicSubnet1"
            ]
          },
          {
            "Fn::GetAtt": [
              "VpcStack",
              "Outputs.PublicSubnet2"
            ]
          }
        ],
        "SecurityGroups": [
          {
            "Fn::GetAtt": [
              "VpcStack",
              "Outputs.ELBSecurityGroup"
            ]
          }
        ],
        "Tags": [
          {
            "Key": "Stack",
            "Value": {
              "Ref": "AWS::StackName"
            }
          },
          {
            "Key": "FargateCluster",
            "Value": {
              "Ref": "FargateECSCluster"
            }
          }
        ]
      }
    },
    "LoadBalancerHTTPListener": {
      "Type": "AWS::ElasticLoadBalancingV2::Listener",
      "Properties": {
        "DefaultActions": [
          {
            "Type": "redirect",
            "RedirectConfig": {
              "Host": "#{host}",
              "Path": "/#{path}",
              "Port": "443",
              "Protocol": "HTTPS",
              "Query": "#{query}",
              "StatusCode": "HTTP_302"
            }
          }
        ],
        "LoadBalancerArn": {
          "Ref": "ApplicationLoadBalancer"
        },
        "Port": "80",
        "Protocol": "HTTP"
      },
      "DependsOn": [
        "ApplicationLoadBalancer"
      ]
    },
    "LoadBalancerListener": {
      "Type": "AWS::ElasticLoadBalancingV2::Listener",
      "Condition": "NeedELB",
      "Properties": {
        "DefaultActions": [
          {
            "Type": "forward",
            "TargetGroupArn": {
              "Ref": "DefaultTargetGroup"
            }
          }
        ],
        "LoadBalancerArn": {
          "Ref": "ApplicationLoadBalancer"
        },
        "Port": "443",
        "Protocol": "HTTPS",
        "Certificates": [
          {
            "CertificateArn": {
              "Fn::If": [
                "NeedTLSEndPoint",
                {
                  "Ref": "SSLCertificateArn"
                },
                {
                  "Ref": "AWS::NoValue"
                }
              ]
            }
          }
        ]
      },
      "DependsOn": [
        "DefaultTargetGroup",
        "ApplicationLoadBalancer"
      ]
    }

请帮我解决验证错误。提前致谢。

Answer 1

从 CLI 创建时，条件 NeedELB 是否有变化？我看到资源 LoadBalancerHTTPListener 依赖于有条件地创建的 ApplicationLoadBalancer。如果 NeedELB 为假，堆栈可能仍会尝试创建 LoadBalancerHTTPListener。无论哪种方式，您都应该为 LoadBalancerHTTPListener.

添加该条件

PS：尝试更新您的 CLI。较旧的 CLI 版本可能会导致此问题。案例

AWS 侦听器 cf 模板在 aws cli 中给出错误但在控制台（设计模板）中有效

AWS listener cf template gives error in aws cli but is valid in console(design template)

amazon-web-services

amazon-cloudformation

aws-load-balancer