Using AWS::SSM::Parameter to break AWS CloudFormation dependencies

readme.md

Until a few days ago, I used CloudFormation Export to transfer values between templates.

I got the error "Cannot update an export variable as it is in use by another stack." and started Googling and found

https://aws.amazon.com/premiumsupport/knowledge-center/cloudformation-systems-manager-parameter/

Of course, I had to try that myself.

The subnet id's below are from one of my training accounts ..

ParameterStore

awsume iam
awsume training

create a couple of parameter sets

aws cloudformation create-stack --stack-name parameter-1 --template-body file://ssm-write-parameter.yaml --parameters ParameterKey=mySubnetIDs,ParameterValue=subnet-6d00db36\\,subnet-19138c7e\\,subnet-a73e58ee
aws cloudformation create-stack --stack-name parameter-2 --template-body file://ssm-write-parameter.yaml --parameters ParameterKey=mySubnetIDs,ParameterValue=subnet-6d00db36\\,subnet-19138c7e

create a stack that uses one of the parameters

aws cloudformation create-stack --stack-name read-parameter --template-body file://ssm-read-parameter.yaml --parameters ParameterKey=mySubnetIDs,ParameterValue=parameter-1-SubnetIDs

update the stack to use the other parameter

aws cloudformation update-stack --stack-name read-parameter --template-body file://ssm-read-parameter.yaml --parameters ParameterKey=mySubnetIDs,ParameterValue=parameter-2-SubnetIDs

update the parameter in use, while it is in use.

aws cloudformation update-stack --stack-name parameter-2 --template-body file://ssm-write-parameter.yaml --parameters ParameterKey=mySubnetIDs,ParameterValue=subnet-6d00db36\\,subnet-19138c7e\\,subnet-a73e58ee

update the stack that uses the parameter, so that it uses the updated parameter from the previous step

aws cloudformation update-stack --stack-name read-parameter --template-body file://ssm-read-parameter.yaml --parameters ParameterKey=mySubnetIDs,ParameterValue=parameter-2-SubnetIDs

delete the parameter, while it is in use!!

aws cloudformation delete-stack --stack-name parameter-2

update the stack that uses the parameter that we just deleted, to use the parameter we still have

aws cloudformation update-stack --stack-name read-parameter --template-body file://ssm-read-parameter.yaml --parameters ParameterKey=mySubnetIDs,ParameterValue=parameter-1-SubnetIDs
>> An error occurred (ValidationError) when calling the UpdateStack operation: No updates are to be performed.
.. this operation can be done from the console, though .. might be a fluke

delete the stacks again

aws cloudformation delete-stack --stack-name parameter-1
aws cloudformation delete-stack --stack-name read-parameter

ssm-read-parameter.yaml

---
AWSTemplateFormatVersion: '2010-09-09'
Description: Read a parameter from SSM
Parameters:
  mySubnetIDs:
    Description: Name of the SSM parameter, that contains the SubnetIDs
    Type: AWS::SSM::Parameter::Value<List<AWS::EC2::Subnet::Id>>
    Default: '/parameter-1/SubnetIDs'

Resources:
  DBSubnetGroup:
    Type: AWS::RDS::DBSubnetGroup
    Properties:
      DBSubnetGroupDescription: !Sub "${AWS::StackName} reading from SSM"
      DBSubnetGroupName: !Sub "${AWS::StackName}-DBSubnetGroup"
      SubnetIds: !Ref mySubnetIDs

ssm-write-parameter.yaml

---
AWSTemplateFormatVersion: '2010-09-09'
Description: Create a variable in SSM
Parameters:
  mySubnetIDs:
    Description: Subnet IDs
    Type: "List<AWS::EC2::Subnet::Id>"
    Default: "subnet-6d00db36,subnet-19138c7e,subnet-a73e58ee"

Resources:
  SubnetIDs:
    Type: AWS::SSM::Parameter
    Properties:
      Name: !Sub '/${AWS::StackName}/SubnetIDs'
      Type: StringList
      Value: !Join [',', !Ref mySubnetIDs]