ARN as a parameter in Cloud Formation Stack

Time:02-08

I wanted to use the ARN as a parameter input to the CloudFormation stack resources EventRuleRegion1 - Target as well as EventBridgeIAMrole, but it is not working when I call it with the Ref function.

Original ARN

arn:aws:events:ap-southeast-2:123456789123:event-bus/central-eventbus-sydney

When I give the ARN directly in code, it's working fine.

Code

AWSTemplateFormatVersion: 2010-09-09

Parameters:
  EventBridgeName:
    Description: Enter the Event Bridge Name
    Type: String
    Default: ec2-lifecycle-events
    
  EventBusName:
    Description: Enter the Central Event Bus Name
    Type: String
    Default: central-eventbus-sydney
    
  EventBusArn:
    Description: Enter the ARN of Central Event Bus
    Type: String
    Default: arn:aws:events:ap-southeast-2:123456789123:event-bus/central-eventbus-sydney
    
  Monitoringaccount:
    Description: Enter the Monitoring AWS account number
    Type: String
    Default: 123456789123

Resources:
    EventRuleRegion1:
        Type: AWS::Events::Rule
        Properties: 
            Description: Event rule to send events to monitoring account event bus
            EventBusName: default
            EventPattern:
                source:
                    - aws.ec2
                detail-type:
                    - "EC2 Instance State-change Notification"
                detail:
                  state:
                    - "running"
                    - "stopped"
                    - "terminated"
                    
            Name: !Ref EventBridgeName
            State: ENABLED
            Targets: 
                - Arn: >-
                    - !Join [ "", [ !Sub "arn:aws:events:${AWS::Region}:123456789123:event-bus/",!Ref EventBusName ] ]
                  Id: !Ref EventBusName
                  RoleArn: !GetAtt
                    - EventBridgeIAMrole
                    - Arn      
                  
    
    
    EventBridgeIAMrole:
        Type: 'AWS::IAM::Role'
        Properties:
            AssumeRolePolicyDocument:
                Version: 2012-10-17
                Statement:
                    - Effect: Allow
                      Principal:
                        Service: !Sub events.amazonaws.com
                      Action: 'sts:AssumeRole'
            Path: /
            Policies:
                - PolicyName: PutEventsDestinationBus
                  PolicyDocument:
                    Version: 2012-10-17
                    Statement:
                        - Effect: Allow
                          Action:
                            - 'events:PutEvents'
                          Resource:
                            - >-
                              - !Join [ "", [ !Sub "arn:aws:events:${AWS::Region}:123456789123:event-bus/",!Ref EventBusName ] ]

Error

Parameter - !Join [ "", [ !Sub "arn:aws:events:${AWS::Region}:123456789123:event-bus/",!Ref EventBusName ] ] is not valid. Reason: Provided Arn is not in correct format. (Service: AmazonCloudWatchEvents; Status Code: 400; Error Code: ValidationException; Request ID: 0d52a1d6-095e-44f7-9455-b7481dc4fb8d; Proxy: null)

CodePudding user response:

The use of >- will result in literal strings, not evaluation of your CFN functions (join, ref). It should be:

            Targets: 
                - Arn: !Join [ "", [ !Sub "arn:aws:events:${AWS::Region}:123456789123:event-bus/",!Ref EventBusName ] ]
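
A lint check for the mistake described in the answer above, as an added example that is not code from the original post: it scans template text for plain `>` / `|` block scalars whose body contains short-form intrinsic tags, which CloudFormation would receive as literal text. The function name `find_literal_intrinsics` and both sample fragments are constructed for illustration, and using `!Ref EventBusArn` in the fixed fragment is an assumption about how the question's parameter would be wired in.

```python
import re

# Line ending in a plain block-scalar indicator: "key: >-", "- |", "- >+".
# "key: !Sub |" does not match, so tagged block scalars are not flagged.
HEADER = re.compile(
    r"^(?P<lead>\s*(?:-\s+)*)(?P<key>[^\s#][^#]*?:\s+)?"
    r"(?P<ind>[>|][-+0-9]{0,2})\s*(?:#.*)?$")
TAG = re.compile(r"!(Ref|Sub|Join|GetAtt|ImportValue|FindInMap|"
                 r"Select|Split|If|GetAZs|Base64|Cidr)\b")

def find_literal_intrinsics(template_text):
    """Return [(line_number, [tag names])] for tags inside block scalars."""
    findings, parent_indent = [], None
    for lineno, line in enumerate(template_text.splitlines(), 1):
        if parent_indent is not None:
            indent = len(line) - len(line.lstrip(" "))
            if not line.strip() or indent > parent_indent:
                tags = sorted(set(TAG.findall(line)))
                if tags:
                    findings.append((lineno, tags))
                continue
            parent_indent = None  # dedent: the scalar ended on the previous line
        m = HEADER.match(line)
        if m and (m["key"] or "-" in m["lead"]):
            lead = m["lead"]
            # Parent indent is the key column, or the dash column for "- >-".
            parent_indent = len(lead) if m["key"] else len(lead.rstrip()) - 1
    return findings

# Constructed fragment reproducing the two spots from the question.
BROKEN = '''\
Targets:
  - Arn: >-
      - !Join [ "", [ !Sub "arn:aws:events:${AWS::Region}:123456789123:event-bus/", !Ref EventBusName ] ]
    Id: !Ref EventBusName
Resource:
  - >-
    - !Join [ "", [ !Sub "arn:aws:events:${AWS::Region}:123456789123:event-bus/", !Ref EventBusName ] ]
'''
# Constructed fixed fragment: tags sit directly on the value, so they are evaluated.
FIXED = '''\
Targets:
  - Arn: !Join [ "", [ !Sub "arn:aws:events:${AWS::Region}:123456789123:event-bus/", !Ref EventBusName ] ]
    Id: !Ref EventBusName
Resource:
  - !Ref EventBusArn
'''

if __name__ == "__main__":
    for lineno, tags in find_literal_intrinsics(BROKEN):
        print(f"line {lineno}: {', '.join('!' + t for t in tags)} inside a block scalar")
```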