
I am currently trying to set up CloudFormation to use AWS Config and set up the AWS default rule for Public RDS checking.

I am trying to deploy this using PowerShell with variables; code below.

```powershell
# Variables
$default_region = 'eu-west-1'
$aws_profile = Read-Host -Prompt 'Input AWS CLI profile name'

if (!($aws_region = Read-Host "Enter Region [$default_region]")) { $aws_region = $default_region }
if (!($environment = Read-Host "Enter Environment Name [$aws_profile]")) { $environment = $aws_profile }
$topicname = "rds_instance_public_access_check_$($aws_region)"

$sns_message = "Public RDS Detected in $($environment) - $($aws_region)"

# Create the RDS Public Instance stack
aws cloudformation create-stack --stack-name rds-instance-public-access-check-rules --template-body file://config_public_rds.yml --parameters ParameterKey=ViolationMessage,ParameterValue=$sns_message ParameterKey=TopicName,ParameterValue=$topicname --profile $aws_profile --region $aws_region
```

The CloudFormation template works as expected; if I hardcode the $topicName and $sns_message variables, it creates the stack as expected.

The parameters being passed for creation are the $ variable values when checking the console.

If I write out the parameters outside of the CLI they also work; only when using it like the above does it seem to ignore the parameter set.

The values being passed are also not the issue as I have tested this with simple string values and that also fails.

Tried to run the above code, expecting a CloudFormation stack to be created on the AWS profile passed in.

Permissions are tested and working. CloudFormation template replaced with hard values tested and working. PowerShell replaced with hardcoded values tested and working. Variables changed to simple strings, not working.

Thank you in advance.

Gavin

Gavin Doris
  • I don't understand what you mean by *simple strings* not working. Is there any type of error that is thrown, or just nothing happens? Never used the aws cli, is it PowerShell dependent? Any difference using the PowerShell cmdlets instead? – Abraham Zinala Dec 28 '22 at 16:52
  • Please clarify your specific problem or provide additional details to highlight exactly what you need. As it's currently written, it's hard to tell exactly what you're asking. – Community Dec 29 '22 at 06:40
  • Sorry, when I change the variables to use string values like "SNSMessage" rather than more complex variables, but still use the variables within the bottom line of the script (under the # Create the RDS Public Instance stack), they pass through the non-replaced variable to AWS ($sns_message), and this is my issue entirely. For some reason, on that bottom row, $sns_message and $topicname get passed into AWS as their $ variable values. This is part of standardization; the goal is to be able to run this within a pipeline to get it as part of setup, hence using PowerShell. Thank you. – Gavin Doris Dec 29 '22 at 09:50

0 Answers