如何通过CloudFormation添加密码参数字段,而不显示值?

huangapple go评论79阅读模式
英文:

How to add password parameter field without showing values via cloudformation?

问题

我将在创建CloudFormation堆栈时输入一些参数。CloudFormation堆栈将创建一个SSM文档(AWS系统管理器),我希望在执行之前将密码作为输入参数提供给SSM文档。

"parameters": {
  "sourceAMIid": {
    "type": "String",
    "description": "用于生成自动化AMI的源/基本AMI",
    "default": {"Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "HVM64"]}
  },
  "Username": {
    "type": "String",
    "description": "帐户用户名/电子邮件",
    "default": "none"
  },
  "password": {
    "type": "String",
    "description": "帐户密码",
    "default": "none"
  },
  "productName": {
    "type": "String",
    "description": "此参数的语法是ProductName-ProductVersion。",
    "default": {
      "Ref": "productName"
    }
  }
}

在这个字段中输入密码时,它将显示与输入的确切单词相同。是否有任何方法可以定义密码参数以如下所示显示:

英文:

I will be taking few inputs when i'm creating the cloudformation stack. Cloudformation stack will create a SSM document (AWS systems manager) and I want to give password as an input parameter to the SSM document before the execution.

"parameters": {
              "sourceAMIid": {
              "type": "String",
              "description": "Source/Base AMI to be used for generating your Automated AMI",
              "default": { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "HVM64"]}
                       },
               "Username": {
                           "type": "String",
                           "description": "account username/email",
                           "default": "none"
                       },
                       "password": {
                           "type": "String",
                           "description": "account password",
                           "default": "none"
                       },
                     
                       "productName": {
                           "type": "String",
                           "description": "The syntax of this parameter is ProductName-ProductVersion.",
                           "default": {
                               "Ref": "productName"
                    }
       }
}

如何通过CloudFormation添加密码参数字段,而不显示值?

When i enter the password in this field it will show the exact word as it is. is there any way that i can define password parameter to display as below

如何通过CloudFormation添加密码参数字段,而不显示值?

答案1

得分: 15

是的,您可以使用云形成模板掩盖密码。您只需在参数内将 "NoEcho" 设置为 "true",如下所示。有关更多信息,请参阅此链接此链接中的“使用 NoEcho 输入参数处理凭据”。

"Parameters" : {
  "DBPort" : {
    "Default" : "3306",
    "Description" : "数据库的TCP/IP端口",
    "Type" : "Number",
    "MinValue" : "1150",
    "MaxValue" : "65535"
  },
  "DBPwd" : {
    "NoEcho" : "true",
    "Description" : "数据库管理员账户密码",
    "Type" : "String",
    "MinLength" : "1",
    "MaxLength" : "41",
    "AllowedPattern" : "^[a-zA-Z0-9]*$"
  }
}
英文:

Yes you can mask your password using cloud formation template.All you need to is set "NoEcho" to "true" inside parameters as shown below.Refer to this and Using Input Parameters with NoEcho for Credentials in this for more information.

"Parameters" : {
  "DBPort" : {
    "Default" : "3306",
    "Description" : "TCP/IP port for the database",
    "Type" : "Number",
    "MinValue" : "1150",
    "MaxValue" : "65535"
  },
  "DBPwd" : {
    "NoEcho" : "true",
    "Description" : "The database admin account password",
    "Type" : "String",
    "MinLength" : "1",
    "MaxLength" : "41",
    "AllowedPattern" : "^[a-zA-Z0-9]*$"
  }
}

答案2

得分: 0

使用终端,可以通过使用 bashread -s -p 来实现此操作。

在下面的示例中,我有一个 Makefile,它读取密码,但不会在终端上回显输入。

Make 命令

make create-test

Makefile

create-test: s3 delete-test
     @read -s -p "Enter DB Root Password: "  pswd; \
     aws cloudformation create-stack --stack-name test --template-body file://master.yaml --parameters ParameterKey=DBRootPassword,ParameterValue=$$pswd
英文:

Using the terminal, this can be accomplished by using bash and read -s -p.

In the example below I have a Makefile, which reads the password, but does not echo the input to the terminal.

The Make Command

make create-test

Makefile

create-test: s3 delete-test
     @read -s -p "Enter DB Root Password: "  pswd; \
     aws cloudformation create-stack --stack-name test --template-body file://master.yaml --parameters ParameterKey=DBRootPassword,ParameterValue=$$pswd

huangapple
  • 本文由 发表于 2020年1月3日 14:08:29
  • 转载请务必保留本文链接:https://go.coder-hub.com/59573935.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定