Can not Move Areas to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Chew | Sep, 2022 | Throne Tech

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech

A convoluted combination of Bash and CloudFormation that induced unpleasantly difficult errors

I spent method an extreme period of time attempting to find out simple strategies to go a KMS key description with areas to a CloudFormation stack with parameter overrides.

It doesn’t help that AWS seems to have completely totally different and what appear to be flawed options all over the place.

Someplace throughout the documentation I found an occasion like this:

aws cloudformation deploy [...] --parameter-overrides key=value key2=value

I study all these pages that say it’s finest to be succesful to go parameters by quoting the vital factor and value like this:

"key=value"

Nonetheless, that was not very clear. What you in all probability have a lot of parameters to override? Do quotes go spherical all parameters like this?

"key=value key2=value"

or just each key, value pair like this?

"key=value" "key2=value"

[And why is it called “override” anyway instead of just parameters — that doesn’t really make sense. I’m not overriding anything I’m passing in parameters…but I digress]

I tried every strategies and acquired errors saying my stack couldn’t deploy and/or the home was throwing one factor out of whack, so every phrase in my string with areas was used for every key-value pair. None of those codecs merely labored for me.

So I tried this:

"key='one factor with areas' key2='one factor else'"

With the earlier format, after I regarded throughout the CloudFormation console for parameters, single quotes had been included in my parameters, which isn’t what I would really like. It seems to be like like the one quotes are on the price instead of surrounding it.

The reply proper right here didn’t work each, although it apparently works in SAM:

I’ve tried a bunch of variations of the reply on the bottom of this publish, nonetheless I’m attempting to not go a JSON string. YAML is cleaner and avoids JSON as loads as potential.

This downside has been reported again and again. And in the long term fully not one of many options had been proper in my case… nonetheless study on as I’ve a selected case. In spite of everything certain.

I merely found this publish which is attention-grabbing:

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech 1*9pgiSthBYK4oVKU6jeLyzQ

the issue is that every key-value pair is enclosed in single quotes in addition to the one with areas:

"TAG2='Check out Problem'"

I was putting quotes throughout the entire parameter string, not each specific individual key value pair. Let’s try.

Successfully, not lower than I get a novel error:

JSON handed to --parameter-overrides ought to be considered one of many codecs: ["Key1=Value1","Key2=Value2", ...] , ["ParameterKey": "Key1", "ParameterValue": "Value1", ...] , ["Parameters": "Key1": "Value1", "Key2": "Value2", ...]

East?

parameters="["EncryptArnParam=$encryptarn","DecryptArnParam=$decryptarn","KeyAliasParam=$keyalias","DescParam=$desc"]"

No. How about this?

parameters="["EncryptArnParam=$encryptarn","DecryptArnParam=$decryptarn","KeyAliasParam=$keyalias","DescParam=$desc"]"

No. Presumably this?

parameters=""EncryptArnParam=$encryptarn","DecryptArnParam=$decryptarn","KeyAliasParam=$keyalias","DescParam=$desc""

When all else fails… study the documentation. I found this web page:

This occasion reveals putting after a value with areas in it.

--parameter-overrides ParameterKey=MaximumExecutionFrequency,ParameterValue=TwentyFour_Hours,Twelve_Hours

Successfully that’s completely totally different. Let’s try. The occasion is just not for the deploy command, nonetheless you’d rely on consistency for switches named “parameter overrides” for CloudFormation, correct? Nope.

it doesn’t work

This doesn’t work:

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech

Because of then I get this:

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech 1*JiJc0JaaFu0CRVGWuH1oRg

East:

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech 1*0Vr7gBL0MSXLI dunFk QA

It tells me that just a few of my parameters don’t have any values.

Okay, I’ve this working elsewhere. Wanting the place it actually works I’ve this:

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech
Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech

In order that must work, nonetheless it doesn’t seem to work with areas. Let’s analysis the above error message but yet another time. It contradicts documentation elsewhere on account of the documentation I found had areas between key value pairs and no sq. brackets. He moreover had no keys.

I found nonetheless the primary occasion throughout the error message above easy ample to duplicate.

This “seems” to work.

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech

I don’t get an error, nonetheless I consider it’s on account of I moved the problematic parameter to the tip I consider. Presumably not after I found a remaining decision. After I am going to the AWS CloudFormation console, the define solely has the first phrase:

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech 1*IMq228JJBqxvEBW NyS9Yw

What I noticed after printing my parameter string is that the parameter throughout the parameter string in two completely totally different options was fast. I am going the variable that accommodates the price with areas proper right into a carry out that formulates the parameter string. I then go the parameter string to a special carry out.

That’s what occurred with that. The value was truncated from the beginning in bash when passing it to the alternative carry out. I wished to position quotes throughout the price of the variable throughout the preliminary carry out identify on account of bash moreover encloses arguments in quotes.

So this:

deploy_key $profile $encryptarn $decryptarn $keyalias $desc

grow to be this:

deploy_key $profile $encryptarn $decryptarn $keyalias "$desc"

I already knew that I wanted to place values ​​into the handed arguments throughout the following carry out, nonetheless eventually all through the check out I eradicated them. So this:

deploy_key(){  profile=$1
encryptarn=$2
decryptarn=$3
keyalias=$4
 desc=$5

It wished to be this:

deploy_key(){profile=$1
encryptarn=$2
decryptarn=$3
keyalias=$4
  desc="$5" 

After I add the quotes above, now one among my parameter values ​​has areas in it and CloudFormation croaks in some methods. As a substitute of attempting to restore my already overly tough parameter string, I pressured my value to have single quotes like this:

desc="'$desc'"

Then when added to my parameter string, the price is single quoted inside this beautiful convoluted development and I haven’t bought to aim to sort and escape any additional quotes proper right here:

parameters="["EncryptArnParam="$encryptarn'","DecryptArnParam='$decryptarn'","KeyAliasParam='$keyalias'","DescParam='$desc'"]'

Subsequent, I moreover need to put quotes throughout the parameter variable that I am going to the following carry out:

deploy_stack $profile $keyalias $resourcetype $template "$parameters"

And eventually… I’ve in order so as to add quotes throughout the argument that I retrieved throughout the closing carry out (I quoted all of these arguments out of frustration eventually, nonetheless solely the parameters argument has areas).

deploy_stack () {
profile="$1"
resourcename="$2"
resourcetype="$3"
template="$4"
parameters="$5"

And I do one other points in between, nonetheless lastly I identify and use my parameters. I quoted this value as correctly.

aws cloudformation deploy 
--profile $profile 
--stack-name $stackname 
--template-file $template 
  --parameter-overrides 
"$parameters"

Then after I look at CloudFormation I can see that my value with strings is present.

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech 1*tWmsOHo7S8WkcWGiLFQNww

PHEW!!!

I was sure I’d not be succesful to make this work within the midst of all this. The first issue he helped was a helpful if significantly difficult error message. The one downside is that it took me a really very long time and quite a lot of prodding to get that error message. Presumably there’s a fashion to supply a better error message sooner primarily based totally on the alternative inputs. Presumably AWS can add these and one other sorts of tough quote combos to their check out circumstances.

Teri Radichel

In case you want this story please applaud and proceed:

Medium: Teri Radichel or E mail Guidelines: Teri Radichel
Twitter: @teriradichel or @2ndSightLab
Requests corporations by the use of LinkedIn: Teri Radichel or IANS Evaluation

© second sight lab 2022

____________________________________________

Author:

Cybersecurity for executives throughout the cloud interval at Amazon

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech 0*H9Ew1KCl 29nZiPR

Would you like cloud security teaching? 2nd Sight Lab Cloud Security Teaching

Is your cloud protected? Lease 2nd Sight Lab for a penetration check out or security analysis.

Do you’ve gotten a question about cybersecurity or cloud security? Ask Teri Radichel by scheduling a reputation with IANS Evaluation.

Cybersecurity and Cloud Security Sources by Teri Radichel: Cybersecurity and cloud security programs, articles, white papers, reveals, and podcasts

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech