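You can define parameters in your environment infrastructure as code (IaC) files. For a detailed description of parameters, parameter types, the AWS Proton parameter namespace, and how to use parameters in IaC files, see AWS Proton parameters.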
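Define environment parameters
You can define both input and output parameters for environment IaC files.
- Input parameters: Define environment input parameters in your schema file.
  The following list includes examples of environment input parameters for typical use cases.
  - VPC CIDR values
  - Load balancer settings
  - Database settings
  - A health check timeout
  As an administrator, you can provide values for input parameters when you create an environment:
  - Use the console to fill out a schema-based form that AWS Proton provides.
  - Use the CLI to provide a spec that includes the values.
- Output parameters: Define environment outputs in your environment IaC file. You can then refer to these outputs in the IaC files of other resources.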
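Read parameter values in environment IaC files
You can read parameters related to the environment in environment IaC files. You read a parameter value by referencing the parameter's name in the AWS Proton parameter namespace.
- Input parameters: Read an environment input value by referencing environment.inputs.input-name.
- Resource parameters: Read AWS Proton resource parameters by referencing names such as environment.name.
Note: No output parameters of other resources are available to environment IaC files.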
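Example environment and service IaC files with parameters
The following example demonstrates parameter definition and reference in an environment IaC file. The example then shows how environment output parameters defined in the environment IaC file can be referenced in a service IaC file.
Example environment CloudFormation IaC file
Note the following in this example:
- The environment.inputs. namespace refers to environment input parameters.
- The Amazon EC2 Systems Manager (SSM) parameter StoreInputValue concatenates the environment inputs.
- The MyEnvParameterValue output exposes the same input parameter concatenation as an output parameter. Three additional output parameters also expose the input parameters individually.
- Six additional output parameters expose resources that the environment provisions.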
```yaml
Resources:
  StoreInputValue:
    Type: AWS::SSM::Parameter
    Properties:
      Type: String
      Value: "{{ environment.inputs.my_sample_input }} {{ environment.inputs.my_other_sample_input}} {{ environment.inputs.another_optional_input }}"
      # input parameter references
# These output values are available to service infrastructure as code files as outputs, when given the
# 'environment.outputs' namespace, for example, service_instance.environment.outputs.ClusterName.
Outputs:
  MyEnvParameterValue: # output definition
    Value: !GetAtt StoreInputValue.Value
  MySampleInputValue: # output definition
    Value: "{{ environment.inputs.my_sample_input }}" # input parameter reference
  MyOtherSampleInputValue: # output definition
    Value: "{{ environment.inputs.my_other_sample_input }}" # input parameter reference
  AnotherOptionalInputValue: # output definition
    Value: "{{ environment.inputs.another_optional_input }}" # input parameter reference
  ClusterName: # output definition
    Description: The name of the ECS cluster
    Value: !Ref 'ECSCluster' # provisioned resource
  ECSTaskExecutionRole: # output definition
    Description: The ARN of the ECS role
    Value: !GetAtt 'ECSTaskExecutionRole.Arn' # provisioned resource
  VpcId: # output definition
    Description: The ID of the VPC that this stack is deployed in
    Value: !Ref 'VPC' # provisioned resource
  PublicSubnetOne: # output definition
    Description: Public subnet one
    Value: !Ref 'PublicSubnetOne' # provisioned resource
  PublicSubnetTwo: # output definition
    Description: Public subnet two
    Value: !Ref 'PublicSubnetTwo' # provisioned resource
  ContainerSecurityGroup: # output definition
    Description: A security group used to allow Fargate containers to receive traffic
    Value: !Ref 'ContainerSecurityGroup' # provisioned resource
```
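Example service CloudFormation IaC file
The environment.outputs. namespace refers to environment outputs from an environment IaC file. For example, the name environment.outputs.ClusterName reads the value of the ClusterName environment output parameter.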
```yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: Deploy a service on AWS Fargate, hosted in a public subnet, and accessible via a public load balancer.
Mappings:
  TaskSize:
    x-small:
      cpu: 256
      memory: 512
    small:
      cpu: 512
      memory: 1024
    medium:
      cpu: 1024
      memory: 2048
    large:
      cpu: 2048
      memory: 4096
    x-large:
      cpu: 4096
      memory: 8192
Resources:
  # A log group for storing the stdout logs from this service's containers
  LogGroup:
    Type: AWS::Logs::LogGroup
    Properties:
      LogGroupName: '{{service_instance.name}}' # resource parameter
  # The task definition. This is a simple metadata description of what
  # container to run, and what resource requirements it has.
  TaskDefinition:
    Type: AWS::ECS::TaskDefinition
    Properties:
      Family: '{{service_instance.name}}' # resource parameter
      Cpu: !FindInMap [TaskSize, {{service_instance.inputs.task_size}}, cpu] # input parameter
      Memory: !FindInMap [TaskSize, {{service_instance.inputs.task_size}}, memory]
      NetworkMode: awsvpc
      RequiresCompatibilities:
        - FARGATE
      ExecutionRoleArn: '{{environment.outputs.ECSTaskExecutionRole}}' # output reference to an environment infrastructure code file
      TaskRoleArn: !Ref "AWS::NoValue"
      ContainerDefinitions:
        - Name: '{{service_instance.name}}' # resource parameter
          Cpu: !FindInMap [TaskSize, {{service_instance.inputs.task_size}}, cpu]
          Memory: !FindInMap [TaskSize, {{service_instance.inputs.task_size}}, memory]
          Image: '{{service_instance.inputs.image}}'
          PortMappings:
            - ContainerPort: '{{service_instance.inputs.port}}' # input parameter
          LogConfiguration:
            LogDriver: 'awslogs'
            Options:
              awslogs-group: '{{service_instance.name}}' # resource parameter
              awslogs-region: !Ref 'AWS::Region'
              awslogs-stream-prefix: '{{service_instance.name}}' # resource parameter
  # The service_instance. The service is a resource which allows you to run multiple
  # copies of a type of task, and gather up their logs and metrics, as well
  # as monitor the number of running tasks and replace any that have crashed
  Service:
    Type: AWS::ECS::Service
    DependsOn: LoadBalancerRule
    Properties:
      ServiceName: '{{service_instance.name}}' # resource parameter
      Cluster: '{{environment.outputs.ClusterName}}' # output reference to an environment infrastructure as code file
      LaunchType: FARGATE
      DeploymentConfiguration:
        MaximumPercent: 200
        MinimumHealthyPercent: 75
      DesiredCount: '{{service_instance.inputs.desired_count}}' # input parameter
      NetworkConfiguration:
        AwsvpcConfiguration:
          AssignPublicIp: ENABLED
          SecurityGroups:
            - '{{environment.outputs.ContainerSecurityGroup}}' # output reference to an environment infrastructure as code file
          Subnets:
            - '{{environment.outputs.PublicSubnetOne}}' # output reference to an environment infrastructure as code file
            - '{{environment.outputs.PublicSubnetTwo}}' # output reference to an environment infrastructure as code file
      TaskDefinition: !Ref 'TaskDefinition'
      LoadBalancers:
        - ContainerName: '{{service_instance.name}}' # resource parameter
          ContainerPort: '{{service_instance.inputs.port}}' # input parameter
          TargetGroupArn: !Ref 'TargetGroup'
[...]
```
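A pre-registration check for the two reference rules described on this page, as an added example that is not part of the AWS Proton documentation or tooling: it flags references an environment IaC file cannot resolve (other namespaces, or any outputs) and environment.outputs.* names in a service IaC file that the environment file never declares. The function names, the regex-based parsing (two-space indentation assumed) and the sample strings are constructed for illustration.

```python
import re
# Jinja-style reference, e.g. {{ environment.inputs.my_sample_input }}
REF = re.compile(r"\{\{\s*([A-Za-z_][\w.]*)")

def references(template):
    """Dotted parameter names referenced anywhere in an IaC file."""
    return set(REF.findall(template))

def declared_outputs(env_template):
    """Names declared under the top-level Outputs: key (two-space indent assumed)."""
    names, in_outputs = set(), False
    for line in env_template.splitlines():
        if line and not line[0].isspace() and not line.startswith("#"):
            in_outputs = line.startswith("Outputs:")  # any top-level key switches section
            continue
        m = re.match(r"  ([A-Za-z0-9]+):", line)
        if in_outputs and m:
            names.add(m.group(1))
    return names

def lint_environment(env_template):
    """Flag references an environment file cannot resolve: other namespaces, or any outputs."""
    return sorted(r for r in references(env_template)
                  if not r.startswith("environment.") or ".outputs." in r)

def lint_service(svc_template, env_template):
    """Flag environment.outputs.* references that the environment file never declares."""
    prefix, outs = "environment.outputs.", declared_outputs(env_template)
    return sorted(r for r in references(svc_template)
                  if r.startswith(prefix) and r[len(prefix):] not in outs)

# Constructed sample files, trimmed from the shapes shown on this page.
ENV = """\
Resources:
  StoreInputValue:
    Properties:
      Value: "{{ environment.inputs.my_sample_input }} {{ environment.name }}"
Outputs:
  ClusterName:
    Value: !Ref 'ECSCluster'
"""
SVC = """\
Resources:
  Service:
    Properties:
      Cluster: '{{environment.outputs.ClusterName}}'
      ExecutionRoleArn: '{{environment.outputs.TaskExecutionRole}}'  # constructed typo
"""
if __name__ == "__main__":
    print(lint_environment(ENV), lint_service(SVC, ENV))
```

Run against the full templates above, the service check passes because ECSTaskExecutionRole, ClusterName, ContainerSecurityGroup and both subnets are all declared in the environment file's Outputs section.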