Can’t Cross Areas to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Chew | Sep, 2022 | Throne Tech

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech

A convoluted combination of Bash and CloudFormation that induced unpleasantly difficult errors

I spent method an extreme period of time attempting to find out simple strategies to go a KMS key description with areas to a CloudFormation stack with parameter overrides.

It doesn’t help that AWS seems to have completely totally different and what appear like flawed options in every single place.

Someplace throughout the documentation I found an occasion like this:

aws cloudformation deploy [...] --parameter-overrides key=price key2=price

I be taught all these pages that say it’s greatest to be succesful to go parameters by quoting the essential factor and price like this:

"key=price"

Nonetheless, that was not very clear. What you in all probability have quite a lot of parameters to override? Do quotes go spherical all parameters like this?

"key=price key2=price"

or just each key, price pair like this?

"key=price" "key2=price"

[And why is it called “override” anyway instead of just parameters — that doesn’t really make sense. I’m not overriding anything I’m passing in parameters…but I digress]

I tried every strategies and acquired errors saying my stack couldn’t deploy and/or the home was throwing one factor out of whack, so every phrase in my string with areas was used for every key-value pair. None of those codecs merely labored for me.

So I tried this:

"key='one factor with areas' key2='one factor else'"

With the earlier format, after I regarded throughout the CloudFormation console for parameters, single quotes had been included in my parameters, which isn’t what I would love. It seems to be like like the one quotes are on the price instead of surrounding it.

The reply proper right here didn’t work each, although it apparently works in SAM:

I’ve tried a bunch of variations of the reply on the bottom of this publish, nevertheless I’m attempting to not go a JSON string. YAML is cleaner and avoids JSON as quite a bit as potential.

This downside has been reported again and again. And in the long term utterly not one of many options had been proper in my case… nevertheless be taught on as I’ve a specific case. In any case positive.

I merely found this publish which is attention-grabbing:

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech 1*9pgiSthBYK4oVKU6jeLyzQ

the issue is that every key-value pair is enclosed in single quotes apart from the one with areas:

"TAG2='Check out Problem'"

I was inserting quotes throughout the full parameter string, not each explicit particular person key price pair. Let’s try.

Successfully, not lower than I get a novel error:

JSON handed to --parameter-overrides must be certainly one of many codecs: ["Key1=Value1","Key2=Value2", ...] , ["ParameterKey": "Key1", "ParameterValue": "Value1", ...] , ["Parameters": "Key1": "Value1", "Key2": "Value2", ...]

East?

parameters="["EncryptArnParam=$encryptarn","DecryptArnParam=$decryptarn","KeyAliasParam=$keyalias","DescParam=$desc"]"

No. How about this?

parameters="["EncryptArnParam=$encryptarn","DecryptArnParam=$decryptarn","KeyAliasParam=$keyalias","DescParam=$desc"]"

No. Presumably this?

parameters=""EncryptArnParam=$encryptarn","DecryptArnParam=$decryptarn","KeyAliasParam=$keyalias","DescParam=$desc""

When all else fails… be taught the documentation. I found this web page:

This occasion reveals inserting after a worth with areas in it.

--parameter-overrides ParameterKey=MaximumExecutionFrequency,ParameterValue=TwentyFour_Hours,Twelve_Hours

Successfully that’s completely totally different. Let’s try. The occasion isn’t for the deploy command, nevertheless you’d rely on consistency for switches named “parameter overrides” for CloudFormation, correct? Nope.

it doesn’t work

This doesn’t work:

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech

Because of then I get this:

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech 1*JiJc0JaaFu0CRVGWuH1oRg

East:

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech 1*0Vr7gBL0MSXLI dunFk QA

It tells me that a number of of my parameters don’t have any values.

Okay, I’ve this working elsewhere. Wanting the place it actually works I’ve this:

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech
Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech

In order that should work, nevertheless it doesn’t seem to work with areas. Let’s analysis the above error message but yet one more time. It contradicts documentation elsewhere on account of the documentation I found had areas between key price pairs and no sq. brackets. He moreover had no keys.

I found nevertheless the primary occasion throughout the error message above easy ample to duplicate.

This “seems” to work.

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech

I don’t get an error, nevertheless I consider it’s on account of I moved the problematic parameter to the tip I consider. Presumably not after I found a remaining decision. After I am going to the AWS CloudFormation console, the define solely has the first phrase:

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech 1*IMq228JJBqxvEBW NyS9Yw

What I noticed after printing my parameter string is that the parameter throughout the parameter string in two completely totally different options was fast. I am going the variable that accommodates the price with areas proper right into a carry out that formulates the parameter string. I then go the parameter string to a distinct carry out.

That’s what occurred with that. The price was truncated from the beginning in bash when passing it to the alternative carry out. I wished to put quotes throughout the price of the variable throughout the preliminary carry out title on account of bash moreover encloses arguments in quotes.

So this:

deploy_key $profile $encryptarn $decryptarn $keyalias $desc

grow to be this:

deploy_key $profile $encryptarn $decryptarn $keyalias "$desc"

I already knew that I wanted to place values ​​into the handed arguments throughout the following carry out, nevertheless eventually all through the check out I eradicated them. So this:

deploy_key(){  profile=$1
encryptarn=$2
decryptarn=$3
keyalias=$4
 desc=$5

It wished to be this:

deploy_key(){profile=$1
encryptarn=$2
decryptarn=$3
keyalias=$4
  desc="$5" 

After I add the quotes above, now one amongst my parameter values ​​has areas in it and CloudFormation croaks in some methods. As a substitute of attempting to restore my already overly tough parameter string, I pressured my price to have single quotes like this:

desc="'$desc'"

Then when added to my parameter string, the price is single quoted inside this pretty convoluted building and I haven’t acquired to aim to sort and escape any further quotes proper right here:

parameters="["EncryptArnParam="$encryptarn'","DecryptArnParam='$decryptarn'","KeyAliasParam='$keyalias'","DescParam='$desc'"]'

Subsequent, I moreover need to put quotes throughout the parameter variable that I am going to the following carry out:

deploy_stack $profile $keyalias $resourcetype $template "$parameters"

And ultimately… I’ve in order so as to add quotes throughout the argument that I retrieved throughout the last carry out (I quoted all of these arguments out of frustration eventually, nevertheless solely the parameters argument has areas).

deploy_stack () {
profile="$1"
resourcename="$2"
resourcetype="$3"
template="$4"
parameters="$5"

And I do one other points in between, nevertheless lastly I title and use my parameters. I quoted this price as correctly.

aws cloudformation deploy 
--profile $profile 
--stack-name $stackname 
--template-file $template 
  --parameter-overrides 
"$parameters"

Then after I study CloudFormation I can see that my price with strings is present.

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech 1*tWmsOHo7S8WkcWGiLFQNww

PHEW!!!

I was sure I’d not be succesful to make this work within the midst of all this. The first issue he helped was a helpful if significantly difficult error message. The one downside is that it took me a really very long time and quite a lot of prodding to get that error message. Presumably there’s a fashion to supply a higher error message sooner based mostly totally on the alternative inputs. Presumably AWS can add these and one other kinds of tough quote combos to their check out circumstances.

Teri Radichel

In case you want this story please applaud and proceed:

Medium: Teri Radichel or E mail Guidelines: Teri Radichel
Twitter: @teriradichel or @2ndSightLab
Requests corporations by the use of LinkedIn: Teri Radichel or IANS Evaluation

© second sight lab 2022

____________________________________________

Author:

Cybersecurity for executives throughout the cloud interval at Amazon

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech 0*H9Ew1KCl 29nZiPR

Would you like cloud security teaching? 2nd Sight Lab Cloud Security Teaching

Is your cloud protected? Hire 2nd Sight Lab for a penetration check out or security analysis.

Do you’ve gotten a question about cybersecurity or cloud security? Ask Teri Radichel by scheduling a reputation with IANS Evaluation.

Cybersecurity and Cloud Security Sources by Teri Radichel: Cybersecurity and cloud security programs, articles, white papers, reveals, and podcasts

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech