我写了一个CloudFormation模板,创build一个AutoScaling组,然后在每个环境中启动服务器。
直到今天,公司一直在us-west-2地区工作,SecurityGroups的地图如下所示:
"SecurityGroupMap" : { "DEV" : { "sg" : "sg-d111acbe" }, "Load" : { "sg" : "sg-d111acbe" }, "Staging" : { "sg" : "sg-d123acbe" }, "Prod-US" : { "sg" : "sg-d145acbe" } }, 现在有一个新的动机,我的老板希望我们能够在另一个地区开始构buildCloudFormation模板。
由于是另一个区域,我需要手动创build所需的SecurityGroups并在模板中更新其ID。
我想知道,如果这样的写作方法会起作用:
"SecurityGroupMap" : { "RegionMap": { "us-east-1" : { "DEV" : "sg-1", "Load" : "sg-2", "Staging" : "sg-3", "Prod-US" : "sg-4" }, "us-east-2" : { "DEV" : "sg-1", "Load" : "sg-2", "Staging" : "sg-3", "Prod-US" : "sg-4" }, "us-west-1" : { "DEV" : "sg-1", "Load" : "sg-2", "Staging" : "sg-3", "Prod-US" : "sg-4" }, "us-west-2" : { "DEV" : "sg-d143acbe", "Load" : "sg-d143acbe", "Staging" : "sg-d143acbe", "Prod-US" : "sg-d143acbe" }, "eu-west-1" : { "DEV" : "sg-1", "Load" : "sg-2", "Staging" : "sg-3", "Prod-US" : "sg-4" }, "eu-central-1" : { "DEV" : "sg-1", "Load" : "sg-2", "Staging" : "sg-3", "Prod-US" : "sg-4" }, "eu-west-2" : { "DEV" : "sg-1", "Load" : "sg-2", "Staging" : "sg-3", "Prod-US" : "sg-4" } },
如果是这样, [ { "Fn::FindInMap" : } ]将如何?
在你的第二个例子中,你嵌套了太多的映射。 我build议你删除RegionMap并直接在SecurityGroupMap下的区域。 您可以使用以下方法引用一个安全组:
{ "Fn::FindInMap" : [ "SecurityGroupMap", { "Ref" : "AWS::Region" }, "DEV"] }