TheLoudCloud
Published in

TheLoudCloud

This awesome CloudFormation feature is not talked about enough!

AWS CloudFormation provides parameters to get input from users. You can further validate these parameters by restricting the user input to, say, a list of values, or a regex pattern or a range of numbers.

Basic Validations on input parameters

The above template uses NoEcho which masks your user input as asterisks. It also uses AWS specific parameter “AWS::EC2::KeyPair::KeyName” which would automatically create a drop-down of EC2 Key-Pairs.

Now, these validation are quite helpful. But you usually want more customization! A parameter value may depend on another, e.g., You use a VPC parameter and then another parameter which has a list of subnets to pick from. A user could pick any of the subnets even if they’re not in that VPC!! 😦

This is where “Cross-parameter validation” comes in. 😄

A “Rules” section can be added which would include “assertions”. These assertions can validate the other parameters in the CloudFormation. In the template below, the list of subnets is being validated against the selected VPC.

You’d receive this kind of validation error:

The functionality can further be customized. You can have conditional assertions, i.e., the rule would run if a certain condition is met.

If ConfirmPassword is set to ‘Yes’, the assertions would check if both the passwords are equal, if not, display an error.

Validation error if both passwords do not match

Note:

  • Not all intrinsic functions can be used within Rules. Here is the list of valid functions.
  • Negative Assertions don’t seem to be working. e.g., if you try to assert a parameter should not be empty, the assertions doesn’t seem to work. (or maybe I couldn’t make it work!! Please share if you could)
  • Here is a CloudFormation template from AWS.

--

--

Moving away from local everything to cloud everything. Discovering what’s safe, easy, cheap, conviniet.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store