cloudformation-cli icon indicating copy to clipboard operation
cloudformation-cli copied to clipboard
verified publisher icon aws-cloudformation

Module CommaDelimitedList parameters

Open jfoy opened this issue 4 years ago • 0 comments

The modules documentation says,

Module parameters don't support Type or Constraint enforcement.

Does that mean that modules can't support CommaDelimitedList parameters?

We have a module fragment:

---
Parameters:
  Plan:
    Type: String
  Role:
    Type: String
  Arns:
    Type: CommaDelimitedList

Resources:
  Selection:
    Type: AWS::Backup::BackupSelection
    Properties:
      BackupPlanId: !Ref Plan
      BackupSelections:
        SelectionName: "For demonstration only"
        IamRoleArn: !Ref Role
        Resources: !Ref Arns

And we use it in a template:

Resources:
  Volume:
    Type: AWS::EC2::Volume
    # etc...

  Backup:
    Type: Hiya::Backup::Assignment::MODULE
    Properties:
      Plan: !Ref SomeBackupPlan
      Role: !Ref SomeRole
      Arns: !Ref Volume

When we create a stack from that template, CloudFormation reports the error:

        {
            "StackId": "arn:aws:cloudformation:us-west-2:nnnnnnnnnnnn:stack/a-stack/bbbbbbbb-bbbb-bbbb-bbbb-bbbbbbbbbbbb",
            "EventId": "BackupSelection-CREATE_FAILED-2021-04-06T19:06:59.117Z",
            "StackName": "a-stack",
            "LogicalResourceId": "BackupSelection",
            "PhysicalResourceId": "",
            "ResourceType": "AWS::Backup::BackupSelection",
            "Timestamp": "2021-04-06T19:06:59.117000+00:00",
            "ResourceStatus": "CREATE_FAILED",
            "ResourceStatusReason": "Properties validation failed for resource BackupSelection with message:\n#/BackupSelection/Resources: expected type: JSONArray, found: String",
            "ResourceProperties": "{\"BackupSelection\":{\"SelectionName\":\"For demonstration only\",\"IamRoleArn\":\"arn:aws:iam::nnnnnnnnnnnn:role/a-stack-BackupRole-MMMMMMMMMMMMM\",\"Resources\":\"vol-vvvvvvvvvvvvvvvvv\"},\"BackupPlanId\":\"aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa\"}"
        },

When we force the argument to be a list, we get a different error:

  Backup:
    Type: Hiya::Backup::Assignment::MODULE
    Properties:
      Role: !Ref SomeRole
      Plan: !Ref SomeBackupPlan
      Arns: [ !Ref Volume ]

"StatusReason": "Template format error: Unresolved resource dependencies [BackupVolume] in the Resources block of the template"

We think we can work around this error ourselves by manually packing the arguments in the stack template...

  Backup:
    Type: Hiya::Backup::Assignment::MODULE
    Properties:
      Role: !Ref SomeRole
      Plan: !Ref SomeBackupPlan
      Arns: !Join [ ",", !Ref Volume ]

... and unpacking them at the underlying resource:

  Selection:
    Type: AWS::Backup::BackupSelection
    Properties:
      BackupPlanId: !Ref Plan
      BackupSelections:
        SelectionName: "For demonstration only"
        IamRoleArn: !Ref Role
        Resources: !Split [",", !Ref Arns]

Are modules unable to handle native list parameters?

jfoy avatar Apr 06 '21 20:04 jfoy