本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
變更集範例
本節提供將為常見堆疊變更 CloudFormation 建立的變更集範例。這些範例將說明如何直接編輯範本、修改單一輸入參數、規劃資源重新建立 (替換) 作業,以免未備份的資料遺失,或是堆疊中執行的應用程式中斷;透過這些範例,您亦能掌握新增與移除資源的方法。為了示範變更集的運作方式,我們將逐步解說您所提交的變更,並探討隨後產生的變更集。本節的每個範例皆是以先前的範例為建立基礎,且會假設您已掌握之前的釋例,因此建議您按照順序詳讀。如需變更集中每個欄位的說明,請參閱 AWS CloudFormation API參考。
您可以使用控制台, AWS CLI,或 CloudFormation DescribeChangeSetAPI檢視變更集詳細資訊的作業。
為了從堆疊中產生下述各個變更集,此處會採用以下範例範本
{
"AWSTemplateFormatVersion" : "2010-09-09",
"Description" : "A sample EC2 instance template for testing change sets.",
"Parameters" : {
"Purpose" : {
"Type" : "String",
"Default" : "testing",
"AllowedValues" : ["testing", "production"],
"Description" : "The purpose of this instance."
},
"KeyPairName" : {
"Type": "AWS::EC2::KeyPair::KeyName",
"Description" : "Name of an existing EC2 KeyPair to enable SSH access to the instance"
},
"InstanceType" : {
"Type" : "String",
"Default" : "t2.micro",
"AllowedValues" : ["t2.micro", "t2.small", "t2.medium"],
"Description" : "The EC2 instance type."
}
},
"Resources" : {
"MyEC2Instance" : {
"Type" : "AWS::EC2::Instance",
"Properties" : {
"KeyName" : { "Ref" : "KeyPairName" },
"InstanceType" : { "Ref" : "InstanceType" },
"ImageId" : "ami-8fcee4e5",
"Tags" : [
{
"Key" : "Purpose",
"Value" : { "Ref" : "Purpose" }
}
]
}
}
}
}直接編輯範本
當您直接修改堆疊範本中的資源以產生變更集時,會將變更 CloudFormation 分類為直接修改,而不是由更新的參數值所起始的變更。以下變更集便是直接修改的範例,其會將新標籤新增至 i-1abc23d4 執行個體。由於要著重探討 Changes 結構,參數值和功能等所有其他輸入值皆會保持不變。
{
"StackId": "arn:aws:cloudformation:us-east-1:123456789012:stack/SampleStack/1a2345b6-0000-00a0-a123-00abc0abc000",
"Status": "CREATE_COMPLETE",
"ChangeSetName": "SampleChangeSet-direct",
"Parameters": [
{
"ParameterValue": "testing",
"ParameterKey": "Purpose"
},
{
"ParameterValue": "MyKeyName",
"ParameterKey": "KeyPairName"
},
{
"ParameterValue": "t2.micro",
"ParameterKey": "InstanceType"
}
],
"Changes": [
{
"ResourceChange": {
"ResourceType": "AWS::EC2::Instance",
"PhysicalResourceId": "i-1abc23d4",
"Details": [
{
"ChangeSource": "DirectModification",
"Evaluation": "Static",
"Target": {
"Attribute": "Tags",
"RequiresRecreation": "Never"
}
}
],
"Action": "Modify",
"Scope": [
"Tags"
],
"LogicalResourceId": "MyEC2Instance",
"Replacement": "False"
},
"Type": "Resource"
}
],
"CreationTime": "2020-11-18T23:35:25.813Z",
"Capabilities": [],
"StackName": "SampleStack",
"NotificationARNs": [],
"ChangeSetId": "arn:aws:cloudformation:us-east-1:123456789012:changeSet/SampleChangeSet-direct/1a2345b6-0000-00a0-a123-00abc0abc000"
}在 Changes 結構中,僅有一個 ResourceChange 結構。此結構描述的資訊包括要變更的資源 CloudFormation 類型、 CloudFormation 將採取的動作、資源的 ID、變更範圍,以及變更是否需要取代 (在此處 CloudFormation 建立新資源,然後刪除舊資源)。在此範例中,變更集會指出 CloudFormation 將修改i-1abc23d4EC2執行個體的Tags屬性,而且不需要取代執行個體。
在Details結構中,將此變更 CloudFormation 標示為直接修改,永遠不需要重新建立 (取代) 實例。您可以自信地執行此更改,因為知道 CloudFormation 不會取代實例。
CloudFormation 將此變更顯示為Static評估。靜態評估意味著 CloudFormation 可以在執行變更集之前確定標籤的值。在某些情況下, CloudFormation 只有在執行變更集之後才能決定值。 CloudFormation將這些變更標示為Dynamic評估。例如,如果您參考已有條件取代的更新資源,則 CloudFormation 無法判斷對更新資源的參考是否會變更。
修改輸入參數值
修改輸入參數值時, CloudFormation 會為每個使用更新參數值的資源產生兩項變更。在本範例中,我們會詳細說明這些變更的效果,以及應注重的資訊。系統在產生本範例時,僅有變更 Purpose 輸入參數的值。
Purpose參數指定例證的標籤鍵EC2值。本範例會將 testing 參數值變更為 production。而 Parameters 結構即會顯示新的值。
{
"StackId": "arn:aws:cloudformation:us-east-1:123456789012:stack/SampleStack/1a2345b6-0000-00a0-a123-00abc0abc000",
"Status": "CREATE_COMPLETE",
"ChangeSetName": "SampleChangeSet",
"Parameters": [
{
"ParameterValue": "production",
"ParameterKey": "Purpose"
},
{
"ParameterValue": "MyKeyName",
"ParameterKey": "KeyPairName"
},
{
"ParameterValue": "t2.micro",
"ParameterKey": "InstanceType"
}
],
"Changes": [
{
"ResourceChange": {
"ResourceType": "AWS::EC2::Instance",
"PhysicalResourceId": "i-1abc23d4",
"Details": [
{
"ChangeSource": "DirectModification",
"Evaluation": "Dynamic",
"Target": {
"Attribute": "Tags",
"RequiresRecreation": "Never"
}
},
{
"CausingEntity": "Purpose",
"ChangeSource": "ParameterReference",
"Evaluation": "Static",
"Target": {
"Attribute": "Tags",
"RequiresRecreation": "Never"
}
}
],
"Action": "Modify",
"Scope": [
"Tags"
],
"LogicalResourceId": "MyEC2Instance",
"Replacement": "False"
},
"Type": "Resource"
}
],
"CreationTime": "2020-11-18T23:59:18.447Z",
"Capabilities": [],
"StackName": "SampleStack",
"NotificationARNs": [],
"ChangeSetId": "arn:aws:cloudformation:us-east-1:123456789012:changeSet/SampleChangeSet/1a2345b6-0000-00a0-a123-00abc0abc000"
}結Changes構的功能類似於它在直接編輯範本示例中的方式。只有一個ResourceChange結構;它描述了對i-1abc23d4EC2實例Tags屬性的更改。
不過,在 Details 結構中,即便僅變更一個參數值,變更集仍會針對 Tags 屬性顯示兩項變更。若資源是將變更後的參數值作為參考資料 (使用 Ref 內部函數),一律會產生兩項變更:一項是 Dynamic 評估,另一項則是 Static 評估。如需查看這類型的變更,請檢視下列欄位:
-
若變更屬於
Static評估,請檢視ChangeSource欄位。在本範例中,ChangeSource欄位等於ParameterReference,這表示此變更是更新後參數參考值所產生的結果;該變更集必須包含類似的Dynamic評估變更。 -
透過比較兩項變更的
Dynamic結構,即可找到相符的Target評估變更,當中將包含相同資訊。在本範例中,兩項變更的Target結構皆涵蓋相同的Attribute值和RequireRecreation欄位。
查看這類型的變更時,應該著重於 Static 評估,因為該評估所提供的變更資訊最為詳細。在本範例中,Static 評估顯示的變更屬於參數參考值 (ParameterReference) 的更改結果;CauseEntity 欄位 (Purpose 參數) 則會確切指示已變更的參數。
判斷 Replacement 欄位的值
ResourceChange結構中的Replacement欄位 CloudFormation 會指出是否要重新建立資源。只需規劃資源的重新建立或替換作業,即可避免未備份的資料遺失,或是堆疊中執行的應用程式中斷。
Replacement 欄位中的值會取決於是否需要替換變更項目,這會視變更 RequiresRecreation 結構中的 Target 欄位指示而定。舉例來說,若 RequiresRecreation 欄位為 Never,則 Replacement 欄位的值將為 False。但是,如果單一資源有多項變更,且每項變更的RequiresRecreation欄位值不同,則會使用最具侵入性的行為來更 CloudFormation 新資源。換句話說,如果許多變更中只有一項需要取代,則 CloudFormation 必須取代資源,因此將Replacement欄位設定為True。
下列變更集是透過變更每個參數 (Purpose、和KeyPairName) 的值而產生的InstanceType,這些參數全部由EC2執行個體使用。透過這些變更, CloudFormation 將需要取代執行個體,因為Replacement欄位等於True。
{
"StackId": "arn:aws:cloudformation:us-east-1:123456789012:stack/SampleStack/1a2345b6-0000-00a0-a123-00abc0abc000",
"Status": "CREATE_COMPLETE",
"ChangeSetName": "SampleChangeSet-multiple",
"Parameters": [
{
"ParameterValue": "production",
"ParameterKey": "Purpose"
},
{
"ParameterValue": "MyNewKeyName",
"ParameterKey": "KeyPairName"
},
{
"ParameterValue": "t2.small",
"ParameterKey": "InstanceType"
}
],
"Changes": [
{
"ResourceChange": {
"ResourceType": "AWS::EC2::Instance",
"PhysicalResourceId": "i-7bef86f8",
"Details": [
{
"ChangeSource": "DirectModification",
"Evaluation": "Dynamic",
"Target": {
"Attribute": "Properties",
"Name": "KeyName",
"RequiresRecreation": "Always"
}
},
{
"ChangeSource": "DirectModification",
"Evaluation": "Dynamic",
"Target": {
"Attribute": "Properties",
"Name": "InstanceType",
"RequiresRecreation": "Conditionally"
}
},
{
"ChangeSource": "DirectModification",
"Evaluation": "Dynamic",
"Target": {
"Attribute": "Tags",
"RequiresRecreation": "Never"
}
},
{
"CausingEntity": "KeyPairName",
"ChangeSource": "ParameterReference",
"Evaluation": "Static",
"Target": {
"Attribute": "Properties",
"Name": "KeyName",
"RequiresRecreation": "Always"
}
},
{
"CausingEntity": "InstanceType",
"ChangeSource": "ParameterReference",
"Evaluation": "Static",
"Target": {
"Attribute": "Properties",
"Name": "InstanceType",
"RequiresRecreation": "Conditionally"
}
},
{
"CausingEntity": "Purpose",
"ChangeSource": "ParameterReference",
"Evaluation": "Static",
"Target": {
"Attribute": "Tags",
"RequiresRecreation": "Never"
}
}
],
"Action": "Modify",
"Scope": [
"Tags",
"Properties"
],
"LogicalResourceId": "MyEC2Instance",
"Replacement": "True"
},
"Type": "Resource"
}
],
"CreationTime": "2020-11-18T00:39:35.974Z",
"Capabilities": [],
"StackName": "SampleStack",
"NotificationARNs": [],
"ChangeSetId": "arn:aws:cloudformation:us-east-1:123456789012:changeSet/SampleChangeSet-multiple/1a2345b6-0000-00a0-a123-00abc0abc000"
}您可以檢視各項變更 (意即為 Details 結構中的 Static 評估),藉此找出需替換資源的變更。在此範例中,每個變更對RequireRecreation欄位都有不同的值,但是對屬性的變更具有最具侵入KeyName性的更新行為,總是需要重新設定。 CloudFormation 將替換實例,因為密鑰名稱已更改。
若金鑰名稱保持不變,則系統變更 InstanceType 屬性時會採取最具侵入性的更新行為 (Conditionally);如此一來,Replacement 欄位的值將為 Conditionally。若要尋找取 CloudFormation 代執行個體的條件,請檢視 InstanceType AWS::EC2::Instance 資源類型。
新增與移除資源
下列範例是透過提交移除EC2執行個體並新增 Auto Scaling 群組和啟動設定的修改範本所產生的。
{
"StackId": "arn:aws:cloudformation:us-east-1:123456789012:stack/SampleStack/1a2345b6-0000-00a0-a123-00abc0abc000",
"Status": "CREATE_COMPLETE",
"ChangeSetName": "SampleChangeSet-addremove",
"Parameters": [
{
"ParameterValue": "testing",
"ParameterKey": "Purpose"
},
{
"ParameterValue": "MyKeyName",
"ParameterKey": "KeyPairName"
},
{
"ParameterValue": "t2.micro",
"ParameterKey": "InstanceType"
}
],
"Changes": [
{
"ResourceChange": {
"Action": "Add",
"ResourceType": "AWS::AutoScaling::AutoScalingGroup",
"Scope": [],
"Details": [],
"LogicalResourceId": "AutoScalingGroup"
},
"Type": "Resource"
},
{
"ResourceChange": {
"Action": "Add",
"ResourceType": "AWS::AutoScaling::LaunchConfiguration",
"Scope": [],
"Details": [],
"LogicalResourceId": "LaunchConfig"
},
"Type": "Resource"
},
{
"ResourceChange": {
"ResourceType": "AWS::EC2::Instance",
"PhysicalResourceId": "i-1abc23d4",
"Details": [],
"Action": "Remove",
"Scope": [],
"LogicalResourceId": "MyEC2Instance"
},
"Type": "Resource"
}
],
"CreationTime": "2020-11-18T01:44:08.444Z",
"Capabilities": [],
"StackName": "SampleStack",
"NotificationARNs": [],
"ChangeSetId": "arn:aws:cloudformation:us-east-1:123456789012:changeSet/SampleChangeSet-addremove/1a2345b6-0000-00a0-a123-00abc0abc000"
}Changes 結構中有三種 ResourceChange 結構,每個資源各有一種結構。對於每個資源,該Action字段指示是 CloudFormation 添加還是刪除資源。Scope 和 Details 欄位則沒有內容,因為這些欄位僅適用於修改後的資源。
對於新資源, CloudFormation 在執行變更集之前,無法判斷某些欄位的值。例如, CloudFormation 不提供 Auto Scaling 群組IDs的實體和啟動設定,因為它們尚不存在。 CloudFormation 當您執行變更集時,會建立新資源。
檢視屬性層級變更
下列範例顯示 Amazon EC2 執行個體Tag屬性的屬性層級變更。標籤Value和Key將變更為Test。
"ChangeSetName": "SampleChangeSet",
"ChangeSetId": "arn:aws:cloudformation:us-east-1:123456789012:changeSet/SampleChangeSet/38d91d27-798d-4736-9bf1-fb7c46207807",
"StackId": "arn:aws:cloudformation:us-east-1:123456789012:stack/SampleEc2Template/68edcdc0-f6b6-11ee-966c-126d572cdd11",
"StackName": "SampleEc2Template",
"Description": "A sample EC2 instance template for testing change sets.",
"Parameters": [
{
"ParameterKey": "KeyPairName",
"ParameterValue": "BatchTest"
},
{
"ParameterKey": "Purpose",
"ParameterValue": "testing"
},
{
"ParameterKey": "InstanceType",
"ParameterValue": "t2.micro"
}
],
"CreationTime": "2024-04-09T21:29:10.759000+00:00",
"ExecutionStatus": "AVAILABLE",
"Status": "CREATE_COMPLETE",
"StatusReason": null,
"NotificationARNs": [],
"RollbackConfiguration": {
:...skipping...
{
"Changes": [
{
"Type": "Resource",
"ResourceChange": {
"Action": "Modify",
"LogicalResourceId": "MyEC2Instance",
"PhysicalResourceId": "i-0cc7856a36315e62b",
"ResourceType": "AWS::EC2::Instance",
"Replacement": "False",
"Scope": [
"Tags"
],
"Details": [
{
"Target": {
"Attribute": "Tags",
"RequiresRecreation": "Never",
"Path": "/Properties/Tags/0/Value",
"BeforeValue": "testing",
"AfterValue": "Test",
"AttributeChangeType": "Modify"
},
"Evaluation": "Static",
"ChangeSource": "DirectModification"
},
{
"Target": {
"Attribute": "Tags",
"RequiresRecreation": "Never",
"Path": "/Properties/Tags/0/Key",
"BeforeValue": "Purpose",
"AfterValue": "Test",
"AttributeChangeType": "Modify"
},
"Evaluation": "Static",
"ChangeSource": "DirectModification"
}
],
"BeforeContext": "{\"Properties\":{\"KeyName\":\"BatchTest\",\"ImageId\":\"ami-8fcee4e5\",\"InstanceType\":\"t2.micro\",\"Tags\":[{\"Value\":\"testing\",\"Key\":\"Purpose\"}]}}",
"AfterContext": "{\"Properties\":{\"KeyName\":\"BatchTest\",\"ImageId\":\"ami-8fcee4e5\",\"InstanceType\":\"t2.micro\",\"Tags\":[{\"Value\":\"Test\",\"Key\":\"Test\"}]}}"
}
}
]結Details構會顯示執行變更集Value之前Key和執行變更集之前的值,以及執行變更集之後的值。
