If you have already declared your VPC as another resource in the same template, you can use Fn::GetAtt to reference its CIDR, like this (assuming MyVPC is the logical name you gave this VPC resource):
{
  "OutboundRule": {
    "Type": "AWS::EC2::SecurityGroupEgress",
    "Properties": {
      "IpProtocol": "tcp",
      "FromPort": "80",
      "ToPort": "80",
      "CidrIp": { "Fn::GetAtt": [ "MyVPC", "CidrBlock" ] }
    }
  }
}
, Fn::GetAtt, , , , . .
VPC , CIDR CloudFormation { "Ref": "<parmeterName>" } Fn::GetAtt.
Update:
19 2016 ., .
( YAML JSON, ):
1:
...
Outputs:
  VpcCidrBlock:
    Description: My VPC CIDR block.
    Value:
      Fn::GetAtt:
        - MyVpc
        - CidrBlock
    Export:
      Name: MyVpcCidrBlock
2:
...
Resources:
  OutboundRule:  # logical ID, same name as in the JSON example above
    Type: "AWS::EC2::SecurityGroupEgress"
    Properties:
      CidrIp:
        Fn::ImportValue: MyVpcCidrBlock
      FromPort: 80
      IpProtocol: tcp
      ToPort: 80
: 1 , 2.
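An added example, not part of the original answer: a Python check that resolves the CidrIp of each AWS::EC2::SecurityGroupEgress rule through Fn::GetAtt or Fn::ImportValue and reports rules that still allow 0.0.0.0/0, or that import an export no stack provides. The two templates are constructed samples in JSON form, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample templates (illustrative values; GroupId omitted for brevity).
STACK_1 = {
    "Resources": {"MyVpc": {"Type": "AWS::EC2::VPC",
                            "Properties": {"CidrBlock": "10.0.0.0/16"}}},
    "Outputs": {"VpcCidrBlock": {"Value": {"Fn::GetAtt": ["MyVpc", "CidrBlock"]},
                                 "Export": {"Name": "MyVpcCidrBlock"}}},
}
STACK_2 = {"Resources": {
    "OutboundRule": {"Type": "AWS::EC2::SecurityGroupEgress", "Properties": {
        "CidrIp": {"Fn::ImportValue": "MyVpcCidrBlock"},
        "IpProtocol": "tcp", "FromPort": 80, "ToPort": 80}},
    "OpenRule": {"Type": "AWS::EC2::SecurityGroupEgress", "Properties": {
        "CidrIp": "0.0.0.0/0", "IpProtocol": "tcp", "FromPort": 80, "ToPort": 80}},
}}

def resolve_cidr(value, template, exports):
    """Resolve a literal CIDR, Fn::GetAtt [vpc, CidrBlock] or Fn::ImportValue."""
    if isinstance(value, str):
        return value
    if "Fn::GetAtt" in value:
        logical_id, attr = value["Fn::GetAtt"]
        res = template.get("Resources", {}).get(logical_id, {})
        if res.get("Type") != "AWS::EC2::VPC" or attr != "CidrBlock":
            raise ValueError(f"{logical_id}.{attr} is not a VPC CIDR in this template")
        return res["Properties"]["CidrBlock"]
    if "Fn::ImportValue" in value:
        name = value["Fn::ImportValue"]
        if name not in exports:
            raise ValueError(f"no stack exports {name!r}")
        return exports[name]
    raise ValueError(f"unsupported CidrIp value: {value!r}")

def collect_exports(template):
    """Map each exported output name to its resolved value."""
    return {out["Export"]["Name"]: resolve_cidr(out["Value"], template, {})
            for out in template.get("Outputs", {}).values() if "Export" in out}

def open_egress_rules(template, exports):
    """Logical IDs of egress rules whose CidrIp resolves to a /0 network."""
    findings = []
    for logical_id, res in template.get("Resources", {}).items():
        props = res.get("Properties", {})
        if res.get("Type") == "AWS::EC2::SecurityGroupEgress" and "CidrIp" in props:
            cidr = resolve_cidr(props["CidrIp"], template, exports)
            if ipaddress.ip_network(cidr).prefixlen == 0:
                findings.append(logical_id)
    return findings
```

Call collect_exports on the exporting template first, then pass the result to open_egress_rules for the importing one.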