Last month there was a post on the AWS Management Tools blog about how you can use Template Constraint Rules in CloudFormation.
Template Constraints is a Service Catalog feature that allows you to validate the values of different parameters against each other. While this is well documented in the Service Catalog documentation, it isn’t mentioned in the CloudFormation Template Anatomy at all.
However, after testing it for myself, I can confirm that it does indeed work in “pure” CloudFormation. I encourage you to read the full post, but here is a simple example that will only deploy if both parameters have the same value:
Parameters: CanBeAnything: Type: String MustBeTheSame: Type: String Rules: ValidateEqual: Assertions: - AssertDescription: Both parameters must be the same Assert: "Fn::Equals": - !Ref CanBeAnything - !Ref MustBeTheSame Resources: DummyResource: Type: "AWS::SSM::Parameter" Properties: Type: "String" Value: !Ref CanBeAnything
Using two different values will give you the AssertDescription as an error:
It’s easy to write more complex assertions, as both the syntax and the available functions (there are more functions available than the CloudFormation Condition Functions) can be found in the Service Catalog documentation.