Fn::FindInMap - AWS CloudFormation (original) (raw)
The intrinsic function Fn::FindInMap returns the value corresponding to keys in a two-level map that's declared in the Mappings section.
Declaration
JSON
{ "Fn::FindInMap" : [ "MapName", "TopLevelKey", "SecondLevelKey"] }YAML
Syntax for the full function name:
Fn::FindInMap: [ MapName, TopLevelKey, SecondLevelKey ]Syntax for the short form:
!FindInMap [ MapName, TopLevelKey, SecondLevelKey ]Note
You can't nest two instances of two functions in short form.
Parameters
MapName
The logical name of a mapping declared in the Mappings section that contains the keys and values.
TopLevelKey
The top-level key name. Its value is a list of key-value pairs.
SecondLevelKey
The second-level key name, which is set to one of the keys from the list assigned toTopLevelKey.
Return value
The value that's assigned to SecondLevelKey.
Examples
The following examples demonstrate how to use the Fn::FindInMap function.
Use Fn::FindInMap with region-specific values
The following example shows how to use Fn::FindInMap for a template with aMappings section that contains a single map, RegionMap, that associates AMIs with AWS Regions.
- The map has 5 top-level keys that correspond to various AWS Regions.
- Each top-level key is assigned a list with two second level keys,
"HVM64"and"HVMG2", that correspond to the AMI's architecture. - Each of the second-level keys is assigned an appropriate AMI name.
The example template contains an AWS::EC2::Instance resource whoseImageId property is set by the FindInMap function.
MapName is set to the map of interest, "RegionMap" in this example. TopLevelKey is set to the Region where the stack is created, which is determined by using the "AWS::Region" pseudo parameter.SecondLevelKey is set to the desired architecture, "HVM64" for this example.
FindInMap returns the AMI assigned to FindInMap. For a HVM64 instance in us-east-1, FindInMap would return"ami-0ff8a91507f77f867".
Note
Consider AWS Systems Manager parameters as an alternative to the Mappings section. To avoid updating all your templates with a new ID each time the AMI that you want to use changes, use the AWS::SSM::Parameter::Value<AWS::EC2::Image::Id> parameter type to retrieve the latest AMI ID when the stack is created or updated. The latest versions of commonly used AMIs are also available as public parameters in Systems Manager. For more information, see Specify existing resources at runtime with CloudFormation-supplied parameter types.
JSON
{
...
"Mappings" : {
"RegionMap" : {
"us-east-1" : {
"HVM64" : "ami-0ff8a91507f77f867", "HVMG2" : "ami-0a584ac55a7631c0c"
},
"us-west-1" : {
"HVM64" : "ami-0bdb828fd58c52235", "HVMG2" : "ami-066ee5fd4a9ef77f1"
},
"eu-west-1" : {
"HVM64" : "ami-047bb4163c506cd98", "HVMG2" : "ami-0a7c483d527806435"
},
"ap-southeast-1" : {
"HVM64" : "ami-08569b978cc4dfa10", "HVMG2" : "ami-0be9df32ae9f92309"
},
"ap-northeast-1" : {
"HVM64" : "ami-06cd52961ce9f0d85", "HVMG2" : "ami-053cdd503598e4a9d"
}
}
},
"Resources" : {
"myEC2Instance" : {
"Type" : "AWS::EC2::Instance",
"Properties" : {
"ImageId" : {
"Fn::FindInMap" : [
"RegionMap",
{
"Ref" : "AWS::Region"
},
"HVM64"
]
},
"InstanceType" : "t2.micro"
}
}
}
}YAML
Mappings:
RegionMap:
us-east-1:
HVM64: "ami-0ff8a91507f77f867"
HVMG2: "ami-0a584ac55a7631c0c"
us-west-1:
HVM64: "ami-0bdb828fd58c52235"
HVMG2: "ami-066ee5fd4a9ef77f1"
eu-west-1:
HVM64: "ami-047bb4163c506cd98"
HVMG2: "ami-0a7c483d527806435"
ap-southeast-1:
HVM64: "ami-08569b978cc4dfa10"
HVMG2: "ami-0be9df32ae9f92309"
ap-northeast-1:
HVM64: "ami-06cd52961ce9f0d85"
HVMG2: "ami-053cdd503598e4a9d"
Resources:
myEC2Instance:
Type: "AWS::EC2::Instance"
Properties:
ImageId: !FindInMap
- RegionMap
- !Ref 'AWS::Region'
- HVM64
InstanceType: t2.microUse Fn::FindInMap for environment-specific configurations
The following example shows how to use Fn::FindInMap for a template with aMappings section that contains a single map, SecurityGroups. It also contains an EnvironmentType parameter that allows you to specify whether the environment is Dev or Prod. It defaults to Dev but can be overridden during stack creation.
Fn::FindInMap returns the appropriate SecurityGroupIds based on the EnvironmentType parameter. Fn::Split then splits the comma-separated string of security group IDs into a list, which is the expected format forSecurityGroupIds.
If you deploy this stack with EnvironmentType set to Dev, theSecurityGroupIds for EC2Instance will besg-12345678. If you set EnvironmentType to Prod, it will use sg-abcdef01 and sg-ghijkl23.
JSON
{
...
"Parameters":{
"EnvironmentType":{
"Description":"The environment type (Dev or Prod)",
"Type":"String",
"Default":"Dev",
"AllowedValues":[
"Dev",
"Prod"
]
}
},
"Mappings":{
"SecurityGroups":{
"Dev":{
"SecurityGroupIds":"sg-12345678"
},
"Prod":{
"SecurityGroupIds":"sg-abcdef01,sg-ghijkl23"
}
}
},
"Resources":{
"Ec2Instance":{
"Type":"AWS::EC2::Instance",
"Properties":{
"ImageId": "ami-0a70b9d193ae8a799",
"InstanceType": "t2.micro",
"SecurityGroupIds":{
"Fn::Split":[
",",
{
"Fn::FindInMap":[
"SecurityGroups",
{
"Ref":"EnvironmentType"
},
"SecurityGroupIds"
]
}
]
}
}
}
}
}YAML
Parameters:
EnvironmentType:
Description: The environment type (Dev or Prod)
Type: String
Default: Dev
AllowedValues:
- Dev
- Prod
Mappings:
SecurityGroups:
Dev:
SecurityGroupIds: sg-12345678
Prod:
SecurityGroupIds: sg-abcdef01,sg-ghijkl23
Resources:
Ec2Instance:
Type: 'AWS::EC2::Instance'
Properties:
ImageId: ami-0a70b9d193ae8a799
InstanceType: t2.micro
SecurityGroupIds:
Fn::Split:
- ","
- Fn::FindInMap: [ SecurityGroups, !Ref EnvironmentType, SecurityGroupIds ]Supported functions
You can use the following functions in a Fn::FindInMap function:
Fn::FindInMapRef
Related resources
To use other intrinsic functions or a default value in a Fn::FindInMap function, you must declare the AWS::LanguageExtensions transform within your template. For more information, see Fn::FindInMap enhancements.
These related topics can be helpful as you develop templates that use theFn::FindInMap function.