3

Reading the AWS documentation here, I've found the following statement:

AWS::SSM::Parameter::Name
The name of a Systems Manager parameter key.
Use this parameter when you want to pass the parameter key. For example, you can use this type to validate that the parameter exists.

I wasn't able to make it work, every time I get: Parameter validation failed: parameter value ... for parameter name ... does not exist.

Shoud it be trying to resolve the parameter type AWS::SSM::Parameter::Name? Anyway, I kept searching and found another statement here:

The first one in the list is used to pass the name of the parameter key as-is. CloudFormation will not fetch the value stored against it. For example, you can use this type to validate that the parameter exists in Parameter Store.

I'm probably not understanding it correctly, so I would like to request an example on how to check if a parameter existis in Systems Manager from CloudFormation?

Use case:

My main region has all parameters stored on Systems Manager, but my second one (redundancy) has only a few. Consider as example not creating the Zone/RecorSet twice in each region. For that I use a condition, as shown bellow:

AWSTemplateFormatVersion: '2010-09-09'
Parameters:
  MainRegion:
    Type: String
    Default: 'us-east-1'
  PrivateFullyQualifiedDomainName:
    Type: 'AWS::SSM::Parameter::Name'
    Default: '/company/route53/private'
Conditions:
  CreateUniqueResources: !Equals [ !Ref 'AWS::Region', !Ref MainRegion ]
Resources:
  Route53Stack:
    Type: 'AWS::CloudFormation::Stack'
    Condition: CreateUniqueResources
    Properties:
      TemplateURL: [some s3 bucket]
      Parameters:
        PrivateDomainName: !Ref PrivateFullyQualifiedDomainName
Outputs:
  TestParameterName:
    # Outputs: /company/route53/private
    Value: !Ref PrivateFullyQualifiedDomainName

And the nested stack:

AWSTemplateFormatVersion: '2010-09-09'
Parameters:
  PrivateDomainName:
    Type: 'AWS::SSM::Parameter::Value<String>'
Resources:
  [sutff...]
Outputs:
  TestParameterValue:
    # Outputs WHEN it exists: supersecretdomain.company.com
    Value: !Ref PrivateDomainName
brnovais
  • 101
  • 1
  • 7
  • 1
    Do you have a parameter in Parameter Store named /company/route53/private? All that's going on here, as far as I know, is that CloudFormation is offering you a mechanism to avoid specifying the parameter store key as a simple string because its value could not be verified. Also, presumably, it allows the CloudFormation console to enumerate the existing Parameter Store keys and offer them to you in a dropdown list when creating the stack. – jarmod Nov 11 '18 at 22:12
  • No I don't. That's the point I was trying to understand. I thought that using this type (AWS::SSM::Parameter::Name), somehow I could check if it exists before using in my configuration. But after trying a few things I realize that it doesn't resolve the value on compile time, but it does resolve on execution time. And thank you very much for you comment, it made me realize a few use cases of this parameter type, improving the readbility of many places in my configuration. – brnovais Nov 12 '18 at 20:58

0 Answers0