英文:
How to add password parameter field without showing values via cloudformation?
问题
我将在创建CloudFormation堆栈时输入一些参数。CloudFormation堆栈将创建一个SSM文档(AWS系统管理器),我希望在执行之前将密码作为输入参数提供给SSM文档。
"parameters": {
"sourceAMIid": {
"type": "String",
"description": "用于生成自动化AMI的源/基本AMI",
"default": {"Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "HVM64"]}
},
"Username": {
"type": "String",
"description": "帐户用户名/电子邮件",
"default": "none"
},
"password": {
"type": "String",
"description": "帐户密码",
"default": "none"
},
"productName": {
"type": "String",
"description": "此参数的语法是ProductName-ProductVersion。",
"default": {
"Ref": "productName"
}
}
}
在这个字段中输入密码时,它将显示与输入的确切单词相同。是否有任何方法可以定义密码参数以如下所示显示:
英文:
I will be taking few inputs when i'm creating the cloudformation stack. Cloudformation stack will create a SSM document (AWS systems manager) and I want to give password as an input parameter to the SSM document before the execution.
"parameters": {
"sourceAMIid": {
"type": "String",
"description": "Source/Base AMI to be used for generating your Automated AMI",
"default": { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "HVM64"]}
},
"Username": {
"type": "String",
"description": "account username/email",
"default": "none"
},
"password": {
"type": "String",
"description": "account password",
"default": "none"
},
"productName": {
"type": "String",
"description": "The syntax of this parameter is ProductName-ProductVersion.",
"default": {
"Ref": "productName"
}
}
}
When i enter the password in this field it will show the exact word as it is. is there any way that i can define password parameter to display as below
答案1
得分: 15
是的,您可以使用云形成模板掩盖密码。您只需在参数内将 "NoEcho" 设置为 "true",如下所示。有关更多信息,请参阅此链接和此链接中的“使用 NoEcho 输入参数处理凭据”。
"Parameters" : {
"DBPort" : {
"Default" : "3306",
"Description" : "数据库的TCP/IP端口",
"Type" : "Number",
"MinValue" : "1150",
"MaxValue" : "65535"
},
"DBPwd" : {
"NoEcho" : "true",
"Description" : "数据库管理员账户密码",
"Type" : "String",
"MinLength" : "1",
"MaxLength" : "41",
"AllowedPattern" : "^[a-zA-Z0-9]*$"
}
}
英文:
Yes you can mask your password using cloud formation template.All you need to is set "NoEcho" to "true" inside parameters as shown below.Refer to this and Using Input Parameters with NoEcho for Credentials in this for more information.
"Parameters" : {
"DBPort" : {
"Default" : "3306",
"Description" : "TCP/IP port for the database",
"Type" : "Number",
"MinValue" : "1150",
"MaxValue" : "65535"
},
"DBPwd" : {
"NoEcho" : "true",
"Description" : "The database admin account password",
"Type" : "String",
"MinLength" : "1",
"MaxLength" : "41",
"AllowedPattern" : "^[a-zA-Z0-9]*$"
}
}
答案2
得分: 0
使用终端,可以通过使用 bash
和 read -s -p
来实现此操作。
在下面的示例中,我有一个 Makefile,它读取密码,但不会在终端上回显输入。
Make 命令
make create-test
Makefile
create-test: s3 delete-test
@read -s -p "Enter DB Root Password: " pswd; \
aws cloudformation create-stack --stack-name test --template-body file://master.yaml --parameters ParameterKey=DBRootPassword,ParameterValue=$$pswd
英文:
Using the terminal, this can be accomplished by using bash
and read -s -p
.
In the example below I have a Makefile, which reads the password, but does not echo the input to the terminal.
The Make Command
make create-test
Makefile
create-test: s3 delete-test
@read -s -p "Enter DB Root Password: " pswd; \
aws cloudformation create-stack --stack-name test --template-body file://master.yaml --parameters ParameterKey=DBRootPassword,ParameterValue=$$pswd
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论