Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Outputs the dependencies between AWS CloudFormation template files as a dependency graph in the DOT language.

Dependencies between template files are derived from CloudFormation `Outputs` (exports) and the `ImportValue` function. Complex export/import names cannot be detected, however: a dependency is recorded only where `JSON.stringify` of the export's `Name` and of the `ImportValue` argument are identical. An export written with `!Sub` therefore matches an import written with `Fn::Sub`, while the same name built with `!Join` does not.
```yaml
# Work
---
Outputs:
  Test1:
    Value: !Ref Res1
    Export:
      Name: !Sub ${Environment}-test-1
---
Resources:
  Test2:
    Properties:
      XXXId: !ImportValue
        "Fn::Sub": "${Environment}-test-1"
```
```yaml
# Not Work
---
Outputs:
  Test2:
    Value: !Ref Res1
    Export:
      Name: !Join [ "-", [ !Ref Environment, "test", 1 ] ]
---
Resources:
  Test2:
    Properties:
      XXXId: !ImportValue
        "Fn::Sub": "${Environment}-test-1"
```
To declare a dependency manually, write `DependsOn: <relative_path_to_file>` somewhere in the template, for example in a comment; this adds an edge to the graph.
```yaml
# Work
---
Parameters:
  VpcId: # DependsOn: other.yml
    Type: String
---
# other.yml
Resources:
```
```sh
$ npm install -g cfn-deps
$ cfn-deps './**/*.yml' > deps.dot
```
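The matching rule described above (stringify equality of the export `Name` and the `ImportValue` argument, plus `# DependsOn:` comments), as an added example that is not the cfn-deps source. It runs over constructed templates given in the JSON form that a YAML parser with CloudFormation tag support produces; the file names, the `AWS::EC2::Subnet` type and the `joined.yml` template are assumptions for illustration.

```javascript
// Added example, not the cfn-deps source. Templates are given in the JSON form a
// CloudFormation-aware YAML parser yields: !Ref X -> {"Ref":"X"}, !Sub s -> {"Fn::Sub":s},
// !ImportValue v -> {"Fn::ImportValue":v}, !Join [d, l] -> {"Fn::Join":[d, l]}.
// `raw` is the YAML text and is scanned only for "# DependsOn:" comments.
// File names and resource types are hypothetical; the templates are constructed.
const TEMPLATES = {
  'network.yml': {
    raw: 'Outputs:\n  Test1:\n    Value: !Ref Res1\n    Export:\n      Name: !Sub ${Environment}-test-1\n',
    doc: { Outputs: { Test1: { Value: { Ref: 'Res1' },
      Export: { Name: { 'Fn::Sub': '${Environment}-test-1' } } } } },
  },
  // The "Not Work" case: the same logical name built with !Join stringifies differently.
  'joined.yml': {
    raw: 'Outputs:\n  Test2:\n    Value: !Ref Res1\n    Export:\n      Name: !Join [ "-", [ !Ref Environment, "test", 1 ] ]\n',
    doc: { Outputs: { Test2: { Value: { Ref: 'Res1' },
      Export: { Name: { 'Fn::Join': ['-', [{ Ref: 'Environment' }, 'test', 1]] } } } } },
  },
  'app.yml': {
    raw: 'Resources:\n  Test2:\n    Type: AWS::EC2::Subnet\n    Properties:\n      XXXId: !ImportValue\n        "Fn::Sub": "${Environment}-test-1"\n',
    doc: { Resources: { Test2: { Type: 'AWS::EC2::Subnet',
      Properties: { XXXId: { 'Fn::ImportValue': { 'Fn::Sub': '${Environment}-test-1' } } } } } },
  },
  'params.yml': {
    raw: 'Parameters:\n  VpcId: # DependsOn: network.yml\n    Type: String\n',
    doc: { Parameters: { VpcId: { Type: 'String' } } },
  },
};

// Comparison key: plain JSON.stringify, exactly as the README describes. Two nodes
// that differ only in intrinsic-function form (or key order) will never match.
const key = (node) => JSON.stringify(node);

// Keys of every Outputs[*].Export.Name in one template.
function collectExports(doc) {
  const out = new Set();
  for (const o of Object.values((doc && doc.Outputs) || {})) {
    if (o && o.Export && o.Export.Name !== undefined) out.add(key(o.Export.Name));
  }
  return out;
}

// Keys of every Fn::ImportValue argument, anywhere in the template.
function collectImports(node, out = new Set()) {
  if (Array.isArray(node)) {
    node.forEach((n) => collectImports(n, out));
  } else if (node && typeof node === 'object') {
    for (const [k, v] of Object.entries(node)) {
      if (k === 'Fn::ImportValue') out.add(key(v));
      else collectImports(v, out);
    }
  }
  return out;
}

// Manual edges: "DependsOn: <path>" inside a YAML comment.
function manualDeps(raw) {
  const deps = [];
  const re = /#\s*DependsOn:\s*(\S+)/g;
  let m;
  while ((m = re.exec(raw)) !== null) deps.push(m[1]);
  return deps;
}

// Edges [importer, exporter]; an importer depends on the file that exports the key.
function buildEdges(templates) {
  const exporters = new Map();
  for (const [file, t] of Object.entries(templates)) {
    for (const k of collectExports(t.doc)) exporters.set(k, file);
  }
  const edges = new Set();
  for (const [file, t] of Object.entries(templates)) {
    for (const k of collectImports(t.doc)) {
      const src = exporters.get(k);
      if (src && src !== file) edges.add(`${file}\0${src}`);
    }
    for (const dep of manualDeps(t.raw || '')) {
      if (dep !== file) edges.add(`${file}\0${dep}`);
    }
  }
  return [...edges].sort().map((e) => e.split('\0'));
}

function toDot(edges) {
  const lines = edges.map(([from, to]) => `  "${from}" -> "${to}";`);
  return ['digraph cfn_deps {', ...lines, '}'].join('\n');
}

console.log(toDot(buildEdges(TEMPLATES)));
```

Only `app.yml` and `params.yml` gain an edge to `network.yml`; `joined.yml` exports the same logical name but is never matched, which is the limitation the README warns about. Because the comparison is textual, an export whose `Fn::Sub` uses a different key order or a variable map will also be missed, so the `# DependsOn:` comment is the intended escape hatch.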
FAQs
create DOT file from AWS CloudFormation Template files
The npm package cfn-deps receives a total of 0 weekly downloads. As such, cfn-deps popularity was classified as not popular.
We found that cfn-deps demonstrated an unhealthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.