2

我坚持创建 ssm.CfnAssociation 因为我也是 AWS CDK 和 CloudFormation 的新手。我正在尝试通过 ssm.CfnAssociation 创建 AWS Systems Manager 状态管理器任务 (AWS-RunAnsiblePlaybook),但我误解了如何定义参数?我想将参数 url 设置为 s3 的剧本。从 CDK 文档开始,它应该是: parameters (Union[IResolvable, None, Mapping[str, Union[IResolvable, Forwardref]]]) – AWS::SSM::Association.Parameters.

通过 AWS 码头Type: Map of ParameterValues->{ "ParameterValues" : [ String, ... ] }

我试图为参数定义各种类型,但我总是有错误:Value did not match any type in union: Expected object reference, got {"plybook":"s3-url"},Value did not match any type in union: Expected object reference, got "s3-url",Expected object reference, got "s3-url" 如果我使用ssm.CfnAssociation.ParameterValuesPropertyfor 匹配到 key playbookurl,我在部署步骤中有错误:SSMAssociation/SSMAssociation (SSMAssociation6148DA19) Value of {Parameters} must be a map where each value is a list of {String}

你能帮我解决一下吗,因为不知道什么类型以及如何适合参数?谢谢你。

class SSMAssociation(core.Construct):

def __init__(self, scope: core.Construct, id: str, 
ssm_association_name: str, **kwargs) -> None:
    super().__init__(scope, id, **kwargs)

    ssm_param_values = ssm.CfnAssociation.ParameterValuesProperty(
        parameter_values=["s3://test-ansible-test1-pl1/playbook1.yml"],
    )

    ssm_tartgets = ssm.CfnAssociation.TargetProperty(
        key="CDK-Type",
        values="EC2Instance",
    ),

    ssm_association = ssm.CfnAssociation(
        self, "SSMAssociation",
        name=ssm_association_name,
        output_location=None,
        parameters={
            "playbookurl": ssm_param_values,
        },

        targets=None,
    )
4

2 回答 2

0

目前解决这个问题的方法是使用 CfnInclude 而不是 CfnAssociation。但在我看来,以适当的方式使用 CfnAssociation 会更好。

class SSMAssociationConstruct(core.Construct):

def __init__(self, scope: core.Construct, id: str, 
             playbook_url: str,
             ec2_tag_key: str,
             ec2_tag_value: str,
             **kwargs) -> None:
    super().__init__(scope, id, **kwargs)

    if playbook_url is not None:
        cfn_include = core.CfnInclude(
            self, "CfnInclude",
            template={
                "Resources": {
                    "SSMAssociation": {
                        "Type" : "AWS::SSM::Association",
                        "Properties" : {
                            "AssociationName" : "SSMRunAnsible" ,
                            "Name" : "AWS-RunAnsiblePlaybook",
                            "ScheduleExpression": "cron(0 0/30 * * * ? *)",
                            "Parameters" : {
                                "playbookurl":[playbook_url],
                            },
                            "Targets" : [{
                                "Key": f"tag:{ec2_tag_key}",
                                "Values": [f"{ec2_tag_value}"]
                            }]
                          }
                    }
                }
            }
        )
于 2019-10-18T07:51:45.283 回答
0

如上所述,根据python docs,参数是(Union[IResolvable, None, Mapping[str, Union[IResolvable, Forwardref]]]) – AWS::SSM::Association.Parameters,所以你所做的是正确的

我刚刚验证cdk synth接受:

    ssm_param_values = ssm.CfnAssociation.ParameterValuesProperty(
        parameter_values=["s3://test-ansible-test1-pl1/playbook1.yml"],
    )
    ssm_association = ssm.CfnAssociation(
        self, "SSMAssociation",
        name=ssm_association_name,
        output_location=None,
        parameters={
            "playbookurl": ssm_param_values,
        },

        targets=None,
    )

在以下版本中

Python 3.7.4

aws-cdk.aws-events==1.18.0

aws-cdk.aws-iam==1.18.0

aws-cdk.aws-kms==1.18.0

aws-cdk.aws-s3==1.18.0

aws-cdk.aws-ssm==1.18.0

aws-cdk.core==1.18.0

aws-cdk.cx-api==1.18.0

aws-cdk.region-info==1.18.0

但是部署问题仍然存在,您似乎应该使用ssm_param_values.parameter_values它,但 CDK 不接受它

在 CDK 上提交了一个问题,尽管它可能是一个 CF 错误。

CF 文档肯定具有误导性,报告的反馈:

  • 语法说Parameters is just a key: value pair map
  • [Parameters][4]指定一个[ParameterValues][5]匹配 CDK 行为的 Map
于 2019-12-13T01:26:41.270 回答