Reputation: 6547
How to escape "${}" in cloudformations "Fn::Sub"
I want this resource to work with the !Sub (or Fn::Sub) intrinsic function
Resource: !Sub 'arn:aws:iam::${AWS::AccountId}:user/${aws:username}'
The aws:username is a policy variable that mustn't be replaced.
One solution would be to use Fn::Join instead and write a bit more boilerplate code.
Better: Can you escape the ${aws:username} so that !Sub will work here? Unfortunately, the documentation does not mention anything about escaping.
Upvotes: 52
Views: 22562
Answers (1)
Reputation: 14029
You actually can escape $ characters with ${!}.
So your resource would look like this:
Resource: !Sub 'arn:aws:iam::${AWS::AccountId}:user/${!aws:username}'
It is mentioned in the docs under the string parameter section.
To write a dollar sign and curly braces (${}) literally, add an exclamation point (!) after the open curly brace, such as ${!Literal}. AWS CloudFormation resolves this text as ${Literal}.
Upvotes: 98
Related Questions
- Using Fn::Sub with a common string in a Cloud Formation Template
- CloudFormation Parameter Reference inside Fn::If inside Fn::Sub
- AWS Cloudformation - use AWS::NoValue within Fn::Sub
- AWS CloudFormation GetAtt not working under Fn::Sub
- AWS CloudFormation Fn::Join - escape single quotes
- How to add two variables in Cloudformation Fn::Sub in UserData
- Fn::Sub expression does not resolve to a string
- Do we need to escape anything in "Fn::Base64: !Sub" in AWS?
- AWS Cloudformation output double quotes in a file using Fn::Join
- "Fn::Join" with delimiter from a parameter?