Search code examples
amazon-web-servicesyamlaws-cloudformationaws-glue

Cloudformation's condition statement (Glue's subnet)

I need my Glue job to use specific subnet based on environment it is ran in. Below line SubnetId throws syntax error. I read in aws' doc that true/false evaluation can be addressed with !Ref, issue seems to be with syntax for condition.

SubnetId: !If [!Ref UseProdCondition, !Ref PrivateSubnetAz2, !Ref PrivateSubnetAz3]

  GlueJDBCConnection:
    Type: AWS::Glue::Connection
    UseProdCondition: !Equals [!Ref "${AppEnv}", "production"]
    Properties:
      CatalogId: !Ref AWS::AccountId
      ConnectionInput:
        ConnectionType: "JDBC"
        ConnectionProperties:
          USERNAME: !Ref Username
          PASSWORD: !Ref Password
          JDBC_CONNECTION_URL: !Ref GlueJDBCStringTarget
          sslMode: 'REQUIRED'
        PhysicalConnectionRequirements:
          AvailabilityZone:
            Ref: AvailabilityZone2
          SecurityGroupIdList:
            - Fn::GetAtt: GlueJobSecurityGroup.GroupId
          SubnetId: !If [!Ref UseProdCondition, !Ref PrivateSubnetAz2, !Ref PrivateSubnetAz3] 
        Name: !Ref JDBCConnectionName
Solution

  • Condition needs to be defined as a separate resource, later referenced in specific resource.

    Thanks @MisterSmith!

    AWSTemplateFormatVersion: 2010-09-09
Description: AWS Glue Spark Job

Conditions:
  UseProdCondition: !Equals [!Ref AppEnv, "production"]


 GlueJDBCConnection:
   Type: AWS::Glue::Connection
   Properties:
     CatalogId: !Ref AWS::AccountId
     ConnectionInput:
       ConnectionType: "JDBC"
       ConnectionProperties:
         USERNAME: !Ref Username
         PASSWORD: !Ref Password
         JDBC_CONNECTION_URL: !Ref GlueJDBCStringTarget
         sslMode: 'REQUIRED'
       PhysicalConnectionRequirements:
         AvailabilityZone:
           Ref: AvailabilityZone2
         SecurityGroupIdList:
           - Fn::GetAtt: GlueJobSecurityGroup.GroupId
         #SubnetId: !Ref PrivateSubnetAz2
         SubnetId: !If [UseProdCondition, !Ref PrivateSubnetAz2, !Ref PrivateSubnetAz3]
       Name: !Ref RTMIJDBCConnectionName