I have a CloudFormation template to create a VPC and add a subnet and security group to it. I need to store the new security group's ID and the subnet's ID in AWS Parameter Store.
This works fine for the security group using Value: !GetAtt [securityGroup, GroupId]
in the , but I can't figure out how to reference the subnet's ID in a way that works with Parameter Store.
Here are the relevant parts of the CloudFormation:
    Resources:
      ### Subnet resource ###
      subnet1:
        Type: AWS::EC2::Subnet
        Properties:
          AvailabilityZone: !Ref SubnetAvailabilityZone1
          CidrBlock: 10.2.0.0/16
          VpcId: !Ref requesterVpc
      ### Parameter Store resource ###
      subnet1Id:
        Type: AWS::SecretsManager::Secret
        Properties:
          Description: Lambda Subnet ID
          Name: /lambda-vpc/subnet/1
          Value: !GetAtt [subnet1, id] # <---------- this doesn't work (Error A below)
          Value: !Ref subnet1 # <---------- this doesn't work either (Error B below)
Error A
Attempting to get the 'id' attribute of the subnet understandably gives the error
resource subnet1 does not support attribute type id in Fn::GetAtt.
I also tried "SubnetId" to no avail. Looking at the subnet's CF documentation shows there's no attribute for the subnet's ID returnable with Fn::GetAtt.
Error B
Attempting to get the subnet ID using Fn::Ref doesn't work either. Even though the documentation says "Ref returns the ID of the subnet", trying to update the CF stack gives this error when it attempts to create/update the "subnet1Id" parameter:
Property validation failure: [Encountered unsupported properties in {/}: [Value]]
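
An added example, not part of the original post: Error B rejects `Value` because `AWS::SecretsManager::Secret` has no `Value` property, while the Parameter Store resource type, `AWS::SSM::Parameter`, does. The fragment below belongs in the same template as the `subnet1` and `securityGroup` resources from the question; the `securityGroupId` logical ID and the `/lambda-vpc/security-group` name are hypothetical.

```yaml
Resources:
  # Parameter Store entries are AWS::SSM::Parameter resources, which accept
  # Value. AWS::SecretsManager::Secret takes SecretString or
  # GenerateSecretString instead, so Value fails property validation.
  subnet1Id:
    Type: AWS::SSM::Parameter
    Properties:
      Description: Lambda Subnet ID
      Name: /lambda-vpc/subnet/1
      Type: String            # resource IDs are not secrets; plain String
      Value: !Ref subnet1     # Ref on AWS::EC2::Subnet returns the subnet ID

  # Hypothetical logical ID and parameter name for the security group.
  securityGroupId:
    Type: AWS::SSM::Parameter
    Properties:
      Description: Lambda Security Group ID
      Name: /lambda-vpc/security-group
      Type: String
      Value: !GetAtt securityGroup.GroupId
```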