Menu
I have a rather annoying issue which I am unable to resolve and will do my best to explain.
The following cut down example works in which I am able to reference a parameter and assign the security groups to my instance via the SecurityGroupIds property:
"Parameters" : {
"pDefaultSg" : {
"Description" : "AWS2 VPC default security groups",
"Type" : "List<AWS::EC2::SecurityGroup::Id>",
"Default" : "sg-245xxxxx,sg-275xxxxx,sg-235xxxxx"
}
}
"Resources" : {
"ec2Instance" : {
"Type" : "AWS::EC2::Instance",
"Properties" : {
"SecurityGroupIds" : { "Ref" : "pDefaultSg" }
}
}The issue begins when I also want to add a second value to the SecurityGroupIds property referencing a security group resource instantiated within the same template:
"Resources" : {
"ec2Instance" : { ...
"SecurityGroupIds" : [ { "Ref" : "pDefaultSg" }, { "Fn::GetAtt" : "sgDb", "GroupId" } ],
....
"sgDb" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : { ...I am then unable to avoid the following error causing the Cloudformation stack to rollback:
Value of property SecurityGroupIds must be of type List of String
I would really appreciate any pointers.
Many Thanks
639
The issue is that when pDefaultSg is accessed via the Ref intrinsic function it returns a list, therefore your SecurityGroupIds Property looks like
[["sg-245xxxxx","sg-275xxxxx","sg-235xxxxx"],"sg-1234DB"]
The solution is to change your SecurityGroupIds Property to Fn::Join the pDefaultSg List to a comma separated string followed by the sgDb:
"SecurityGroupIds": [
{"Fn::Join":
[",",
{"Ref": "pDefaultSg"}
]
},
{ "Fn::GetAtt" : ["sgDb", "GroupId"] }
]
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
