Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Pedantically, there's nothing stopping them from doing it the way CFN does it: dispatching on the value's type:

  env:
    AWS_REGION: us-east-1
    AWS_SECRET_ACCESS_KEY:
      valueFrom: ...
CFN even goes as far as having two ways to pull off that stunt, magic prefixes and objects

  Properties:
    ImageId: !Ref MyAwesomeAmi
    # or
    ImageId:
      Ref: MyAwesomeAmi
    # or cursed "{{resolve" syntax
    ImageId: !Join
      - ''
      - - '{{resolve:ssm:/aws/service/bottlerocket/aws-k8s-'
        - Ref: EksVersion
        - '/x86_64/latest/image_id}}'
    # which ends up being "ImageId: '{{resolve:ssm:/aws/service/bottlerocket/aws-k8s-1.31/x86_64/latest/image_id}}'" and then *that* gets replaced by the CFN service at provisioning time


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: