amazon-web-servicesaws-cloudformationaws-parameter-store

Use SSM parameter whose name depends on a CFN parameter


I have a CloudFormation template that looks something like the following:

AWSTemplateFormatVersion: '2010-09-09'
Parameters:
  env:
    Type: String
    Default: NONE
Resources:
  GraphQLAPI:
    Type: AWS::AppSync::GraphQLApi
    Properties:
      Name: !Sub 'my-api-${env}'
      AuthenticationType: AMAZON_COGNITO_USER_POOLS
      UserPoolConfig:
        UserPoolId: <something>
        AwsRegion: !Ref AWS::Region
        DefaultAction: ALLOW

Suppose that I already have a SSM parameter named /dev/cognitoUserPoolId. When I create this template, passing env=dev, I want to use the value of that parameter as the UserPoolId. I want to avoid manually passing a new CFN parameter for every SSM parameter, as there may be quite a few in practice.


Solution

  • You should be able to use dynamic references to the SSM parameters in your template.

    Something like:

    AWSTemplateFormatVersion: '2010-09-09'
    Parameters:
      env:
        Type: String
        Default: NONE
    Resources:
      GraphQLAPI:
        Type: AWS::AppSync::GraphQLApi
        Properties:
          Name: !Sub 'my-api-${env}'
          AuthenticationType: AMAZON_COGNITO_USER_POOLS
          UserPoolConfig:
            UserPoolId: !Sub '{{resolve:ssm:/${env}/cognitoUserPoolId:1}}'
            AwsRegion: !Ref AWS::Region
            DefaultAction: ALLOW
    

    https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html