本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
變更集範例
本節提供將為常見堆疊變更 CloudFormation 建立的變更集範例。這些範例將說明如何直接編輯範本、修改單一輸入參數、規劃資源重新建立 (替換) 作業,以免未備份的資料遺失,或是堆疊中執行的應用程式中斷;透過這些範例,您亦能掌握新增與移除資源的方法。為了示範變更集的運作方式,我們將逐步解說您所提交的變更,並探討隨後產生的變更集。本節的每個範例皆是以先前的範例為建立基礎,且會假設您已掌握之前的釋例,因此建議您按照順序詳讀。如需變更集中每個欄位的說明,請參閱「AWS CloudFormation API參考」中的「變更資料類型」。
您可以使用控制台 AWS CLI、或 CloudFormation DescribeChangeSetAPI操作來檢視變更集詳細資訊。
為了從堆疊中產生下述各個變更集,此處會採用以下範例範本
{ "AWSTemplateFormatVersion" : "2010-09-09", "Description" : "A sample EC2 instance template for testing change sets.", "Parameters" : { "Purpose" : { "Type" : "String", "Default" : "testing", "AllowedValues" : ["testing", "production"], "Description" : "The purpose of this instance." }, "KeyPairName" : { "Type": "AWS::EC2::KeyPair::KeyName", "Description" : "Name of an existing EC2 KeyPair to enable SSH access to the instance" }, "InstanceType" : { "Type" : "String", "Default" : "t2.micro", "AllowedValues" : ["t2.micro", "t2.small", "t2.medium"], "Description" : "The EC2 instance type." } }, "Resources" : { "MyEC2Instance" : { "Type" : "AWS::EC2::Instance", "Properties" : { "KeyName" : { "Ref" : "KeyPairName" }, "InstanceType" : { "Ref" : "InstanceType" }, "ImageId" : "ami-8fcee4e5", "Tags" : [ { "Key" : "Purpose", "Value" : { "Ref" : "Purpose" } } ] } } } }
直接編輯範本
當您直接修改堆疊範本中的資源以產生變更集時,會將變更 CloudFormation 分類為直接修改,而不是由更新的參數值所起始的變更。以下變更集便是直接修改的範例,其會將新標籤新增至 i-1abc23d4 執行個體。由於要著重探討 Changes 結構,參數值和功能等所有其他輸入值皆會保持不變。
{ "StackId": "arn:aws:cloudformation:us-east-1:123456789012:stack/SampleStack/1a2345b6-0000-00a0-a123-00abc0abc000", "Status": "CREATE_COMPLETE", "ChangeSetName": "SampleChangeSet-direct", "Parameters": [ { "ParameterValue": "testing", "ParameterKey": "Purpose" }, { "ParameterValue": "MyKeyName", "ParameterKey": "KeyPairName" }, { "ParameterValue": "t2.micro", "ParameterKey": "InstanceType" } ], "Changes": [ { "ResourceChange": { "ResourceType": "AWS::EC2::Instance", "PhysicalResourceId": "i-1abc23d4", "Details": [ { "ChangeSource": "DirectModification", "Evaluation": "Static", "Target": { "Attribute": "Tags", "RequiresRecreation": "Never" } } ], "Action": "Modify", "Scope": [ "Tags" ], "LogicalResourceId": "MyEC2Instance", "Replacement": "False" }, "Type": "Resource" } ], "CreationTime": "2020-11-18T23:35:25.813Z", "Capabilities": [], "StackName": "SampleStack", "NotificationARNs": [], "ChangeSetId": "arn:aws:cloudformation:us-east-1:123456789012:changeSet/SampleChangeSet-direct/1a2345b6-0000-00a0-a123-00abc0abc000" }
在 Changes 結構中,僅有一個 ResourceChange 結構。此結構描述的資訊包括要變更的資源 CloudFormation 類型、 CloudFormation 將採取的動作、資源的 ID、變更範圍,以及變更是否需要取代 (在此處 CloudFormation 建立新資源,然後刪除舊資源)。在此範例中,變更集會指出 CloudFormation 將修改i-1abc23d4EC2執行個體的Tags屬性,而且不需要取代執行個體。
在Details結構中,將此變更 CloudFormation 標示為直接修改,永遠不需要重新建立 (取代) 實例。您可以自信地執行此更改,因為知道 CloudFormation 不會取代實例。
CloudFormation 將此變更顯示為Static評估。靜態評估意味著 CloudFormation 可以在執行變更集之前確定標籤的值。在某些情況下, CloudFormation 只有在執行變更集之後才能決定值。 CloudFormation將這些變更標示為Dynamic評估。例如,如果您參考已有條件取代的更新資源,則 CloudFormation 無法判斷對更新資源的參考是否會變更。
修改輸入參數值
修改輸入參數值時, CloudFormation 會為每個使用更新參數值的資源產生兩項變更。在本範例中,我們會詳細說明這些變更的效果,以及應注重的資訊。系統在產生本範例時,僅有變更 Purpose 輸入參數的值。
Purpose參數指定例證的標籤鍵EC2值。本範例會將 testing 參數值變更為 production。而 Parameters 結構即會顯示新的值。
{ "StackId": "arn:aws:cloudformation:us-east-1:123456789012:stack/SampleStack/1a2345b6-0000-00a0-a123-00abc0abc000", "Status": "CREATE_COMPLETE", "ChangeSetName": "SampleChangeSet", "Parameters": [ { "ParameterValue": "production", "ParameterKey": "Purpose" }, { "ParameterValue": "MyKeyName", "ParameterKey": "KeyPairName" }, { "ParameterValue": "t2.micro", "ParameterKey": "InstanceType" } ], "Changes": [ { "ResourceChange": { "ResourceType": "AWS::EC2::Instance", "PhysicalResourceId": "i-1abc23d4", "Details": [ { "ChangeSource": "DirectModification", "Evaluation": "Dynamic", "Target": { "Attribute": "Tags", "RequiresRecreation": "Never" } }, { "CausingEntity": "Purpose", "ChangeSource": "ParameterReference", "Evaluation": "Static", "Target": { "Attribute": "Tags", "RequiresRecreation": "Never" } } ], "Action": "Modify", "Scope": [ "Tags" ], "LogicalResourceId": "MyEC2Instance", "Replacement": "False" }, "Type": "Resource" } ], "CreationTime": "2020-11-18T23:59:18.447Z", "Capabilities": [], "StackName": "SampleStack", "NotificationARNs": [], "ChangeSetId": "arn:aws:cloudformation:us-east-1:123456789012:changeSet/SampleChangeSet/1a2345b6-0000-00a0-a123-00abc0abc000" }
結Changes構的功能類似於它在直接編輯範本示例中的方式。只有一個ResourceChange結構;它描述了對i-1abc23d4EC2實例Tags屬性的更改。
不過,在 Details 結構中,即便僅變更一個參數值,變更集仍會針對 Tags 屬性顯示兩項變更。若資源是將變更後的參數值作為參考資料 (使用 Ref 內部函數),一律會產生兩項變更:一項是 Dynamic 評估,另一項則是 Static 評估。如需查看這類型的變更,請檢視下列欄位:
-
若變更屬於
Static評估,請檢視ChangeSource欄位。在本範例中,ChangeSource欄位等於ParameterReference,這表示此變更是更新後參數參考值所產生的結果;該變更集必須包含類似的Dynamic評估變更。 -
透過比較兩項變更的
Dynamic結構,即可找到相符的Target評估變更,當中將包含相同資訊。在本範例中,兩項變更的Target結構皆涵蓋相同的Attribute值和RequireRecreation欄位。
查看這類型的變更時,應該著重於 Static 評估,因為該評估所提供的變更資訊最為詳細。在本範例中,Static 評估顯示的變更屬於參數參考值 (ParameterReference) 的更改結果;CauseEntity 欄位 (Purpose 參數) 則會確切指示已變更的參數。
判斷 Replacement 欄位的值
ResourceChange結構中的Replacement欄位 CloudFormation 會指出是否要重新建立資源。只需規劃資源的重新建立或替換作業,即可避免未備份的資料遺失,或是堆疊中執行的應用程式中斷。
Replacement 欄位中的值會取決於是否需要替換變更項目,這會視變更 RequiresRecreation 結構中的 Target 欄位指示而定。舉例來說,若 RequiresRecreation 欄位為 Never,則 Replacement 欄位的值將為 False。但是,如果單一資源有多項變更,且每項變更的RequiresRecreation欄位值不同,則會使用最具侵入性的行為來更 CloudFormation 新資源。換句話說,如果許多變更中只有一項需要取代,則 CloudFormation 必須取代資源,因此將Replacement欄位設定為True。
下列變更集是透過變更每個參數 (Purpose、和KeyPairName) 的值而產生的InstanceType,這些參數全部由EC2執行個體使用。透過這些變更, CloudFormation 將需要取代執行個體,因為Replacement欄位等於True。
{ "StackId": "arn:aws:cloudformation:us-east-1:123456789012:stack/SampleStack/1a2345b6-0000-00a0-a123-00abc0abc000", "Status": "CREATE_COMPLETE", "ChangeSetName": "SampleChangeSet-multiple", "Parameters": [ { "ParameterValue": "production", "ParameterKey": "Purpose" }, { "ParameterValue": "MyNewKeyName", "ParameterKey": "KeyPairName" }, { "ParameterValue": "t2.small", "ParameterKey": "InstanceType" } ], "Changes": [ { "ResourceChange": { "ResourceType": "AWS::EC2::Instance", "PhysicalResourceId": "i-7bef86f8", "Details": [ { "ChangeSource": "DirectModification", "Evaluation": "Dynamic", "Target": { "Attribute": "Properties", "Name": "KeyName", "RequiresRecreation": "Always" } }, { "ChangeSource": "DirectModification", "Evaluation": "Dynamic", "Target": { "Attribute": "Properties", "Name": "InstanceType", "RequiresRecreation": "Conditionally" } }, { "ChangeSource": "DirectModification", "Evaluation": "Dynamic", "Target": { "Attribute": "Tags", "RequiresRecreation": "Never" } }, { "CausingEntity": "KeyPairName", "ChangeSource": "ParameterReference", "Evaluation": "Static", "Target": { "Attribute": "Properties", "Name": "KeyName", "RequiresRecreation": "Always" } }, { "CausingEntity": "InstanceType", "ChangeSource": "ParameterReference", "Evaluation": "Static", "Target": { "Attribute": "Properties", "Name": "InstanceType", "RequiresRecreation": "Conditionally" } }, { "CausingEntity": "Purpose", "ChangeSource": "ParameterReference", "Evaluation": "Static", "Target": { "Attribute": "Tags", "RequiresRecreation": "Never" } } ], "Action": "Modify", "Scope": [ "Tags", "Properties" ], "LogicalResourceId": "MyEC2Instance", "Replacement": "True" }, "Type": "Resource" } ], "CreationTime": "2020-11-18T00:39:35.974Z", "Capabilities": [], "StackName": "SampleStack", "NotificationARNs": [], "ChangeSetId": "arn:aws:cloudformation:us-east-1:123456789012:changeSet/SampleChangeSet-multiple/1a2345b6-0000-00a0-a123-00abc0abc000" }
您可以檢視各項變更 (意即為 Details 結構中的 Static 評估),藉此找出需替換資源的變更。在此範例中,每個變更對RequireRecreation欄位都有不同的值,但是對屬性的變更具有最具侵入KeyName性的更新行為,總是需要重新設定。 CloudFormation 將替換實例,因為密鑰名稱已更改。
若金鑰名稱保持不變,則系統變更 InstanceType 屬性時會採取最具侵入性的更新行為 (Conditionally);如此一來,Replacement 欄位的值將為 Conditionally。若要尋找取 CloudFormation 代執行個體的條件,請檢視AWS::EC2::Instance資源類型InstanceType屬性的更新行為。
新增與移除資源
下列範例是透過提交移除EC2執行個體並新增 Auto Scaling 群組和啟動設定的修改範本所產生的。
{ "StackId": "arn:aws:cloudformation:us-east-1:123456789012:stack/SampleStack/1a2345b6-0000-00a0-a123-00abc0abc000", "Status": "CREATE_COMPLETE", "ChangeSetName": "SampleChangeSet-addremove", "Parameters": [ { "ParameterValue": "testing", "ParameterKey": "Purpose" }, { "ParameterValue": "MyKeyName", "ParameterKey": "KeyPairName" }, { "ParameterValue": "t2.micro", "ParameterKey": "InstanceType" } ], "Changes": [ { "ResourceChange": { "Action": "Add", "ResourceType": "AWS::AutoScaling::AutoScalingGroup", "Scope": [], "Details": [], "LogicalResourceId": "AutoScalingGroup" }, "Type": "Resource" }, { "ResourceChange": { "Action": "Add", "ResourceType": "AWS::AutoScaling::LaunchConfiguration", "Scope": [], "Details": [], "LogicalResourceId": "LaunchConfig" }, "Type": "Resource" }, { "ResourceChange": { "ResourceType": "AWS::EC2::Instance", "PhysicalResourceId": "i-1abc23d4", "Details": [], "Action": "Remove", "Scope": [], "LogicalResourceId": "MyEC2Instance" }, "Type": "Resource" } ], "CreationTime": "2020-11-18T01:44:08.444Z", "Capabilities": [], "StackName": "SampleStack", "NotificationARNs": [], "ChangeSetId": "arn:aws:cloudformation:us-east-1:123456789012:changeSet/SampleChangeSet-addremove/1a2345b6-0000-00a0-a123-00abc0abc000" }
Changes 結構中有三種 ResourceChange 結構,每個資源各有一種結構。對於每個資源,該Action字段指示是 CloudFormation 添加還是刪除資源。Scope 和 Details 欄位則沒有內容,因為這些欄位僅適用於修改後的資源。
對於新資源, CloudFormation 在執行變更集之前,無法判斷某些欄位的值。例如, CloudFormation 不提供 Auto Scaling 群組IDs的實體和啟動設定,因為它們尚不存在。 CloudFormation 當您執行變更集時,會建立新資源。
檢視屬性層級變更
下列範例顯示 Amazon EC2 執行個體Tag屬性的屬性層級變更。標籤Value和Key將變更為Test。
"ChangeSetName": "SampleChangeSet", "ChangeSetId": "arn:aws:cloudformation:us-east-1:123456789012:changeSet/SampleChangeSet/38d91d27-798d-4736-9bf1-fb7c46207807", "StackId": "arn:aws:cloudformation:us-east-1:123456789012:stack/SampleEc2Template/68edcdc0-f6b6-11ee-966c-126d572cdd11", "StackName": "SampleEc2Template", "Description": "A sample EC2 instance template for testing change sets.", "Parameters": [ { "ParameterKey": "KeyPairName", "ParameterValue": "BatchTest" }, { "ParameterKey": "Purpose", "ParameterValue": "testing" }, { "ParameterKey": "InstanceType", "ParameterValue": "t2.micro" } ], "CreationTime": "2024-04-09T21:29:10.759000+00:00", "ExecutionStatus": "AVAILABLE", "Status": "CREATE_COMPLETE", "StatusReason": null, "NotificationARNs": [], "RollbackConfiguration": { :...skipping... { "Changes": [ { "Type": "Resource", "ResourceChange": { "Action": "Modify", "LogicalResourceId": "MyEC2Instance", "PhysicalResourceId": "i-0cc7856a36315e62b", "ResourceType": "AWS::EC2::Instance", "Replacement": "False", "Scope": [ "Tags" ], "Details": [ { "Target": { "Attribute": "Tags", "RequiresRecreation": "Never", "Path": "/Properties/Tags/0/Value", "BeforeValue": "testing", "AfterValue": "Test", "AttributeChangeType": "Modify" }, "Evaluation": "Static", "ChangeSource": "DirectModification" }, { "Target": { "Attribute": "Tags", "RequiresRecreation": "Never", "Path": "/Properties/Tags/0/Key", "BeforeValue": "Purpose", "AfterValue": "Test", "AttributeChangeType": "Modify" }, "Evaluation": "Static", "ChangeSource": "DirectModification" } ], "BeforeContext": "{\"Properties\":{\"KeyName\":\"BatchTest\",\"ImageId\":\"ami-8fcee4e5\",\"InstanceType\":\"t2.micro\",\"Tags\":[{\"Value\":\"testing\",\"Key\":\"Purpose\"}]}}", "AfterContext": "{\"Properties\":{\"KeyName\":\"BatchTest\",\"ImageId\":\"ami-8fcee4e5\",\"InstanceType\":\"t2.micro\",\"Tags\":[{\"Value\":\"Test\",\"Key\":\"Test\"}]}}" } } ]
結Details構會顯示執行變更集Value之前Key和執行變更集之前的值,以及執行變更集之後的值。
