如何使用yaml格式文件在serverless.yml中编写嵌套IF，同时将其用于云形成？

Question

我正在尝试通过SSM (系统管理器- https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-parameter-store.html )访问在秘密管理器(https://aws.amazon.com/secrets-manager/)中创建的秘密，即AWS参数存储，并将其存储在serverless.yml文件中的自定义YAML变量中？我正在尝试通过无服务器框架(https://serverless.com/)实现云的形成，并且我正在尝试使用下面的代码在云形成中实现嵌套的if语句来实现上面的内容。

 stage: &stage 'dev' #Hardcoded for now
 rdsMasterPassword:
 !If
  - !Equals [*stage,"prod"]
  - ${ssm:/aws/reference/secretsmanager/cred-prod~true:rdsMasterPassword}
  - !If 
      - !Equals [*stage,"staging"]
      - ${ssm:/aws/reference/secretsmanager/cred-staging~true:rdsMasterPassword}
      - ${ssm:/aws/reference/secretsmanager/cred-dev~true:rdsMasterPassword}

我已经尝试过云形成内部函数Fn::If，但面对这个错误：Fn::If requires a list argument with the first element being a condition

Answer 1

我只想指出，如果您希望根据环境加载不同的SSM路径，您可以通过许多方法来实现，outlined here

例如，我在加载json文件时非常愉快。

-- serverless-staging.json --
{
  "ssm_path": "/path/to/staging/ssm/parameter"
}

-- serverless-prod.json --
{
  "ssm_path": "/path/to/prod/ssm/parameter"
}

-- serverless.yml --
...
stage: ${opt:stage, 'dev'}
environment:
  SSM_PATH: ${file(serverless-${self:provider.stage}.json):ssm_path}
... etc etc

希望这能帮助其他人从搜索中找到这里

Answer 2

由于YAML中的限制，无法对内部函数序列使用快捷语法。

请参阅docs中的“重要”部分以供参考。

试试这个：

stage: &stage 'dev' #Hardcoded for now
rdsMasterPassword:
  Fn::If:
    - Fn::Equals: [*stage, "prod"]
    - ${ssm:/aws/reference/secretsmanager/cred-prod~true:rdsMasterPassword}
    - Fn::If: 
      - Fn::Equals: [*stage, "staging"]
      - ${ssm:/aws/reference/secretsmanager/cred-staging~true:rdsMasterPassword}
      - ${ssm:/aws/reference/secretsmanager/cred-dev~true:rdsMasterPassword}