Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech

A convoluted combination of Bash and CloudFormation that induced unpleasantly sophisticated errors

I spent method an extreme period of time attempting to find out straightforward strategies to go a KMS key description with areas to a CloudFormation stack with parameter overrides.

It doesn’t help that AWS seems to have completely completely different and what seem like flawed options in every single place.

Someplace throughout the documentation I found an occasion like this:

aws cloudformation deploy [...] --parameter-overrides key=value key2=value

I be taught all these pages that say it’s finest to be succesful to go parameters by quoting the necessary factor and price like this:

"key=value"

However, that was not very clear. What you in all probability have plenty of parameters to override? Do quotes go spherical all parameters like this?

"key=value key2=value"

or just each key, value pair like this?

"key=value" "key2=value"

[And why is it called “override” anyway instead of just parameters — that doesn’t really make sense. I’m not overriding anything I’m passing in parameters…but I digress]

I tried every strategies and obtained errors saying my stack couldn’t deploy and/or the home was throwing one factor out of whack, so every phrase in my string with areas was used for every key-value pair. None of those codecs merely labored for me.

So I tried this:

"key='one factor with areas' key2='one factor else'"

With the earlier format, after I regarded throughout the CloudFormation console for parameters, single quotes had been included in my parameters, which isn’t what I would love. It seems to be like like the one quotes are on the value as a substitute of surrounding it.

The reply proper right here didn’t work each, although it apparently works in SAM:

I’ve tried a bunch of variations of the reply on the bottom of this publish, nevertheless I’m attempting to not go a JSON string. YAML is cleaner and avoids JSON as rather a lot as potential.

This downside has been reported time and again. And in the long term fully not one of many options had been proper in my case… nevertheless be taught on as I’ve a specific case. In any case positive.

I merely found this publish which is attention-grabbing:

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech 1*9pgiSthBYK4oVKU6jeLyzQ

the issue is that every key-value pair is enclosed in single quotes in addition to the one with areas:

"TAG2='Check out Problem'"

I was putting quotes throughout the overall parameter string, not each specific individual key value pair. Let’s try.

Successfully, not lower than I get a singular error:

JSON handed to --parameter-overrides ought to be one in all many codecs: ["Key1=Value1","Key2=Value2", ...] , ["ParameterKey": "Key1", "ParameterValue": "Value1", ...] , ["Parameters": "Key1": "Value1", "Key2": "Value2", ...]

East?

parameters="["EncryptArnParam=$encryptarn","DecryptArnParam=$decryptarn","KeyAliasParam=$keyalias","DescParam=$desc"]"

No. How about this?

parameters="["EncryptArnParam=$encryptarn","DecryptArnParam=$decryptarn","KeyAliasParam=$keyalias","DescParam=$desc"]"

No. Probably this?

parameters=""EncryptArnParam=$encryptarn","DecryptArnParam=$decryptarn","KeyAliasParam=$keyalias","DescParam=$desc""

When all else fails… be taught the documentation. I found this web page:

This occasion reveals putting after a worth with areas in it.

--parameter-overrides ParameterKey=MaximumExecutionFrequency,ParameterValue=TwentyFour_Hours,Twelve_Hours

Successfully that’s completely completely different. Let’s try. The occasion just isn’t for the deploy command, nevertheless you’d depend on consistency for switches named “parameter overrides” for CloudFormation, correct? Nope.

it doesn’t work

This doesn’t work:

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech

On account of then I get this:

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech 1*JiJc0JaaFu0CRVGWuH1oRg

East:

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech 1*0Vr7gBL0MSXLI dunFk QA

It tells me that a couple of of my parameters don’t have any values.

Okay, I’ve this working elsewhere. Wanting the place it actually works I’ve this:

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech
Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech

In order that must work, nevertheless it doesn’t seem to work with areas. Let’s analysis the above error message but yet another time. It contradicts documentation elsewhere on account of the documentation I found had areas between key value pairs and no sq. brackets. He moreover had no keys.

I found nevertheless the primary occasion throughout the error message above simple ample to duplicate.

This “seems” to work.

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech

I don’t get an error, nevertheless I consider it’s on account of I moved the problematic parameter to the tip I consider. Probably not after I found a remaining decision. After I am going to the AWS CloudFormation console, the define solely has the first phrase:

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech 1*IMq228JJBqxvEBW NyS9Yw

What I noticed after printing my parameter string is that the parameter throughout the parameter string in two completely completely different options was fast. I am going the variable that accommodates the value with areas proper right into a carry out that formulates the parameter string. I then go the parameter string to a distinct carry out.

That’s what occurred with that. The price was truncated from the beginning in bash when passing it to the alternative carry out. I needed to put quotes throughout the value of the variable throughout the preliminary carry out identify on account of bash moreover encloses arguments in quotes.

So this:

deploy_key $profile $encryptarn $decryptarn $keyalias $desc

turn out to be this:

deploy_key $profile $encryptarn $decryptarn $keyalias "$desc"

I already knew that I wanted to place values ​​into the handed arguments throughout the following carry out, nevertheless eventually all through the check out I eradicated them. So this:

deploy_key(){  profile=$1
encryptarn=$2
decryptarn=$3
keyalias=$4
 desc=$5

It needed to be this:

deploy_key(){profile=$1
encryptarn=$2
decryptarn=$3
keyalias=$4
  desc="$5" 

After I add the quotes above, now one amongst my parameter values ​​has areas in it and CloudFormation croaks in some methods. Instead of attempting to restore my already overly troublesome parameter string, I pressured my value to have single quotes like this:

desc="'$desc'"

Then when added to my parameter string, the value is single quoted inside this beautiful convoluted development and I haven’t obtained to try to kind and escape any additional quotes proper right here:

parameters="["EncryptArnParam="$encryptarn'","DecryptArnParam='$decryptarn'","KeyAliasParam='$keyalias'","DescParam='$desc'"]'

Subsequent, I moreover need to put quotes throughout the parameter variable that I am going to the following carry out:

deploy_stack $profile $keyalias $resourcetype $template "$parameters"

And finally… I’ve in order so as to add quotes throughout the argument that I retrieved throughout the last carry out (I quoted all of these arguments out of frustration eventually, nevertheless solely the parameters argument has areas).

deploy_stack () {
profile="$1"
resourcename="$2"
resourcetype="$3"
template="$4"
parameters="$5"

And I do one other points in between, nevertheless lastly I identify and use my parameters. I quoted this value as correctly.

aws cloudformation deploy 
--profile $profile 
--stack-name $stackname 
--template-file $template 
  --parameter-overrides 
"$parameters"

Then after I look at CloudFormation I can see that my value with strings is present.

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech 1*tWmsOHo7S8WkcWGiLFQNww

PHEW!!!

I was sure I might not be succesful to make this work within the midst of all this. The first issue he helped was a helpful if significantly sophisticated error message. The one downside is that it took me a really very long time and quite a lot of prodding to get that error message. Probably there’s a way to supply a larger error message sooner primarily based totally on the alternative inputs. Probably AWS can add these and one other varieties of troublesome quote combos to their check out circumstances.

Teri Radichel

In case you want this story please applaud and proceed:

Medium: Teri Radichel or E mail Guidelines: Teri Radichel
Twitter: @teriradichel or @2ndSightLab
Requests firms by means of LinkedIn: Teri Radichel or IANS Evaluation

© second sight lab 2022

____________________________________________

Author:

Cybersecurity for executives throughout the cloud interval at Amazon

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech 0*H9Ew1KCl 29nZiPR

Would you like cloud security teaching? 2nd Sight Lab Cloud Security Teaching

Is your cloud secure? Lease 2nd Sight Lab for a penetration check out or security analysis.

Do you’ve gotten a question about cybersecurity or cloud security? Ask Teri Radichel by scheduling a reputation with IANS Evaluation.

Cybersecurity and Cloud Security Sources by Teri Radichel: Cybersecurity and cloud security programs, articles, white papers, exhibits, and podcasts

Cannot Pass Spaces to AWS CloudFormation Deploy Parameter-Overrides | by Teri Radichel | Bugs That Bite | Sep, 2022 | Throne Tech

By admin

x