[SOLVED] Cloudformation: Create array of log ARNs from comma delimited list of log names – Stack Overflow


This Content is from Stack Overflow. Question asked by Jan Garaj

I have parameter LogNames – comma delimited list of log names:

    Type: String
    Default: >-

I want to use it in the IAM policy definition – Resource field:

  <array of allowed log ARNs created from LogNames parameter>

Any idea how to use functions e.g. Split, Join, Sub, … to generate correct array of log ARNs? Single log ARN have syntax:

- !Sub 'arn:aws:logs:${AWS::Region}:${AWS::AccountId}:log-group:${LogName}:*'


Its not possible without a macro or a custom resource. The only way to do it without these, is to hardcode your region and accountid and use combo of Split, Join, Sub:

    Type: CommaDelimitedList
    Default: >-

            - ","
            - !Sub
                - "arn:aws:logs:us-east-1:234234234234:log-group:${logname}"
                - logname: !Join
                          - ",arn:aws:logs:us-east-1:234234234234:log-group:"
                          - !Ref LogNames

This Question was asked in StackOverflow by Jan Garaj and Answered by Marcin It is licensed under the terms of CC BY-SA 2.5. - CC BY-SA 3.0. - CC BY-SA 4.0.

people found this article helpful. What about you?