Cloudformation YAML 模板如果没有按预期工作

Cloudformation YAML template if else not working as expected

我有 cloudformation 文件来检查它是否是 Apple 添加 IP 或添加其他 IP。

但是,我想为 Apple 和非 Apple 添加 IP,而无需将 IP 复制到它们。

写一次!

尝试执行此操作时,出现验证错误...

这是我的原始代码 -

SecurityGroupIngress: !If
        - IsApple
        - - Description: "Its Apple IP"
            FromPort: X
            ToPort: X
            IpProtocol: tcp
            CidrIp: X.X.X.X
        - - Description: "It's not Apple IP"
            FromPort: X
            ToPort: X
            IpProtocol: tcp
            CidrIp: X.X.X.X

这就是我想要的改变-

SecurityGroupIngress:
         - Description: "Its *All* fruits IPs"
           FromPort: X
           ToPort: X
           IpProtocol: tcp
           CidrIp: X.X.X.X
      !If
        - IsApple
        - - Description: "Its Apple IP"
            FromPort: X
            ToPort: X
            IpProtocol: tcp
            CidrIp: X.X.X.X
        - - Description: "It's not Apple IP"
            FromPort: X
            ToPort: X
            IpProtocol: tcp
            CidrIp: X.X.X.X

您应该将 !If 移动到 SecurityGroupIngress 数组中:

  SecurityGroupIngress:
         - Description: "Its *All* fruits IPs"
           FromPort: X
           ToPort: X
           IpProtocol: tcp
           CidrIp: X.X.X.X
        - !If
          - IsApple
          - Description: "Its Apple IP"
            FromPort: X
            ToPort: X
            IpProtocol: tcp
            CidrIp: X.X.X.X
          - Description: "It's not Apple IP"
            FromPort: X
            ToPort: X
            IpProtocol: tcp
            CidrIp: X.X.X.X

我还没有测试过这个,但我认为上面的应该有效。