I am trying to form a text with /. here is my cloudformation code:
Resources:
KeyAlias:
Type: AWS::KMS::Alias
DependsOn: KMSKey
Properties:
AliasName: alias/!Sub ${project}-${EnvironmentApp}
TargetKeyId:
Ref: KMSKey
I get a constraint validation error on this line:
AliasName: alias/!Sub ${project}-${EnvironmentApp}
Apparently cfn does not like / there. However when I replace the sub function with something static like :
"AliasName": alias/test
Also when I use join as follows:
AliasName:
- Fn::Join:
- "/"
- - 'alias'
- Ref: project
- Ref: EnvironmentApp
I get the following error:
Value of property AliasName must be of type String
How can I achieve the above and pass the constraint issue? Or is it possible at all?
Try using the Sub intrinsic function as follows (not tested)
AliasName: !Sub
- alias/${project}-${EnvironmentApp}
- { project: !Ref project, EnvironmentApp: !Ref EnvironmentApp}
Based on the Cloudformation docs for AWS::KMS::Alias, you must include the /
Also you don't need the DependsOn in this case since KMSKey is referenced in the TargetKeyId