如何在cloudfromation模板中生成和插入ssh公钥定义

我已经通过amazon web控制台生成了ssh密钥。但是如何使用它来创建胶水开发者端点呢？

考虑以下代码片段：

IAMRole:
Type: "AWS::IAM::Role"
DeletionPolicy: "Delete"
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
-
Effect: "Allow"
Principal:
Service: "glue.amazonaws.com"
Action: "sts:AssumeRole"
ManagedPolicyArns:
- "arn:aws:iam::aws:policy/AmazonS3FullAccess"
- "arn:aws:iam::aws:policy/service-role/AWSGlueServiceRole"
MaxSessionDuration: 3600
Path: "/role/"
# PermissionsBoundary: String
# Policies: Json
RoleName: "GlueDevEndpoint"
GlueDevEndpoint:
Type: AWS::Glue::DevEndpoint
DeletionPolicy: "Delete"
Properties:
EndpointName: MyEndpointName
GlueVersion: "1.0"
NumberOfNodes: 2
PublicKey: >
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "imported-openssh-key"
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
CCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCCC
DDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDDD
EEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE
---- END SSH2 PUBLIC KEY ----
RoleArn: !GetAtt IAMRole.Arn

我得到错误：

An error occurred: GlueDevEndpoint - Invalid SSH RSA public key. ssh-keygen -t rsa -C "your_email@example.com" (Service: AWSGlue; Status Code: 400; Error Code: InvalidInputException.

我试着把一个内容从：

1. pem文件从aws控制台下载
2. 通过油灰提取公共/私人关键部件并使用
3. 通过命令提取公钥：openssl rsa-在my-key.pem-pubout>my-key_pubrsa
4. 通过命令提取公钥：ssh密钥根-y-f my-key.pem>my-key2.pubrsa

放入所有这些文件中的内容会导致相同的错误。我认为应该生成具有类似头的公钥-----BEGIN RSA PUBLIC KEY-----，但之前的所有方法都给了我具有不同标头的公钥：-----BEGIN RSA PRIVATE KEY-----、---- BEGIN SSH2 PUBLIC KEY ----、-----BEGIN PUBLIC KEY-----

有什么想法吗？