CODEWITHSUNDEEP
amazon-web-servicesaws-cloudformation
marcin2x4
marcin2x4

Reputation: 1429

Cloudformation - environment variable used when condition is met

I need to pass different variables based on environment of my lambda function. Created below condition but getting error when trying to use !If. Appreciate all the help and suggestions on how to workaround this.

Error while deployment:

Properties validation failed for resource LambdaFunction

YML file:

Conditions:
  IsProd: !Equals [!Ref AppEnv, "production"]
  IsNonProd: !Not [!Equals [!Ref AppEnv, "production"]]

  LambdaFunction:
    Type: AWS::Lambda::Function
    DependsOn:
      - LambdaLayer
    Properties:
      FunctionName: !Sub '${AppName}-${AppEnv}'
      Handler: function.handler
      Layers:
        - !Ref LambdaLayer
      VpcConfig:
        SecurityGroupIds:
          - Ref: SecurityGroup
        SubnetIds:
          - Ref: PrivateSubnetAz1
          - Ref: PrivateSubnetAz2
      Code:
        S3Bucket: !Sub 'app-deploy-${AWS::AccountId}-${AWS::Region}'
        S3Key: !Ref S3LambdaKey
      Environment:
        Variables:
          !If
            - "IsNonProd"
            - 
              - DD_SITE: !GetAtt EncryptedDDSite.CipherText
              - DD_API_KEY: !GetAtt EncryptedDDApiKey.CipherText
              - USER_DEV: !GetAtt EncryptedUserDev.CipherText
              - PASS_DEV: !GetAtt EncryptedPassDev.CipherText
              - USER_STG: !GetAtt EncryptedUserStg.CipherText
              - PASS_STG: !GetAtt EncryptedPassStg.CipherText
              - USER_TEST: !GetAtt EncryptedUserTest.CipherText
              - PASS_TEST: !GetAtt EncryptedPassTest.CipherText
              - AppEnv: !Ref AppEnv
            - 
              - DD_SITE: !GetAtt EncryptedDDSite.CipherText
              - DD_API_KEY: !GetAtt EncryptedDDApiKey.CipherText
              - USER_PRD: !GetAtt EncryptedUserPrd.CipherText
              - PASS_PRD: !GetAtt EncryptedPassPrd.CipherText
              - AppEnv: !Ref AppEnv
      Runtime: python3.8
      MemorySize: 128
      Timeout: 300
      Role: !GetAtt
        - LambdaRole
        - Arn

Upvotes: 0

Views: 1655

Answers (1)

kgiannakakis
kgiannakakis

Reputation: 104178

!If requires an array and the second and third items should also be an array. Also AppEnv must be added twice.

  Environment:
    Variables:
      !If:
        - "IsNonProd"
        - 
          - DD_SITE: !GetAtt EncryptedDDSite.CipherText
          - DD_API_KEY: !GetAtt EncryptedDDApiKey.CipherText
          - USER_DEV: !GetAtt EncryptedUserDev.CipherText
          - PASS_DEV: !GetAtt EncryptedPassDev.CipherText
          - USER_STG: !GetAtt EncryptedUserStg.CipherText
          - PASS_STG: !GetAtt EncryptedPassStg.CipherText
          - USER_TEST: !GetAtt EncryptedUserTest.CipherText
          - PASS_TEST: !GetAtt EncryptedPassTest.CipherText
          - AppEnv: !Ref AppEnv
        - 
          - DD_SITE: !GetAtt EncryptedDDSite.CipherText
          - DD_API_KEY: !GetAtt EncryptedDDApiKey.CipherText
          - USER_PRD: !GetAtt EncryptedUserPrd.CipherText
          - PASS_PRD: !GetAtt EncryptedPassPrd.CipherText
          - AppEnv: !Ref AppEnv

Upvotes: 1

Related Questions