Questions tagged [aws-cloudformation]
For questions about CloudFormation, part of the Amazon Web Services (AWS) that provides a way to manage a collection of related AWS resources.
8,334
questions
179
votes
4
answers
137k
views
ValidationError Stack:arn aws cloudformation stack is in ROLLBACK_COMPLETE state and can not be updated
When I deploy using cloudformation aws cloudformation deploy --region $region --stack-name ABC
I get the error:
An error occurred (ValidationError) when calling the CreateChangeSet
operation:
Stack:...
- 11k
167
votes
9
answers
92k
views
What is the difference between Elastic Beanstalk and CloudFormation for a .NET project? [closed]
I have developed a .NET MVC application and have started playing around with AWS and deploying it via the Visual Studio Toolkit. I have successfully deployed the application using the Elastic ...
- 10.5k
110
votes
14
answers
73k
views
How can I quickly and effectively debug CloudFormation templates?
CloudFormation is a powerful AWS offering that allows the programmatic creation of AWS resource stacks, such as the web tier of an application, a high performance computing cluster, or an entire ...
- 43.5k
94
votes
7
answers
53k
views
AWS CloudFormation Stack update error: Requires capabilities : [CAPABILITY_IAM]
When creating a stack with CloudFormation, I get this error:
Stack update error: Requires capabilities : [CAPABILITY_IAM]
I can't find a template for adding CAPABILITIES_IAM to the CloudFormation ...
- 4,815
93
votes
3
answers
38k
views
Template format error: unsupported structure seen in AWS CloudFormation
I am trying to validate an AWS example CloudFormation template using a command like:
▶ aws cloudformation validate-template --template-body template.yml
This leads to the following error message:
...
- 3,879
92
votes
5
answers
56k
views
Getting Outputs from aws cloudformation describe-stacks
I am using the below to get the stack information I want via AWS Cli:
aws cloudformation --region ap-southeast-2 describe-stacks --stack-name mystack
It's returning result OK:
{
"Stacks": [
...
- 5,364
91
votes
9
answers
34k
views
AWS OpsWorks vs AWS Beanstalk vs AWS CloudFormation? [closed]
I would like to know what are the advantages and disadvantages of using AWS OpsWorks vs AWS Beanstalk and AWS CloudFormation?
I am interested in a system that can be auto scaled to handle any high ...
- 15.1k
90
votes
12
answers
108k
views
User is not authorized to perform: cloudformation:CreateStack
I'm trying out Serverless to create AWS Lambdas and while creating a project using the command serverless project create I'm getting the following error.
AccessDenied: User: arn:aws:iam::XXXXXXXXX:...
- 2,744
90
votes
7
answers
79k
views
Specify log group for an AWS lambda?
Is there a way to specify the CloudWatch log group that an AWS lambda logs to? It seems to be generated directly from the lambda name; however, it would be especially convenient to, for example, ...
- 4,813
85
votes
7
answers
37k
views
AWS SAM YAML template - Unknown Tag !Ref
When I try to deploy my AWS SAM YAML file, it fails saying the !Ref is an unknown tag.
Any ideas to get around this?
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
...
- 2,769
85
votes
1
answer
80k
views
AWS: How to specify a boolean parameter in a CloudFormation template
I'm trying to specify a boolean parameter in a CloudFormation template so I can conditionally create resources based on a parameter passed in.
Looking at the documentation here and here it would ...
- 5,826
84
votes
1
answer
15k
views
CloudFormation insists my DynamoDB creation JSON is invalid .. but I can't see how
Here's (the DynamoDB part of) my Troposphere-generated JSON:
"sandbox": {
"Properties": {
"AttributeDefinitions": [
{
"AttributeName": "...
- 3,870
78
votes
4
answers
31k
views
Difference between SAM template and Cloudformation template
I'm finding it hard to understand the difference between SAM template and Cloudformation template. I know that SAM template can be used to define Serverless Applications like Lambda, but how does that ...
- 1,845
74
votes
4
answers
51k
views
How to use Sub and GetAtt functions at the same time in CloudFormation template?
I created CloudFormation yaml template and I need to use !GetAtt "TestLambda.Arn" as part of !Sub function in "AWS::ApiGateway::Method" Integration Uri:
Type: "AWS::ApiGateway:...
- 7,151
74
votes
3
answers
21k
views
PropertyDefinition inconsistent
I have following template that i am using in cloudformation UI to create dynamoDB table. I want to create a table with PrimaryKey as ID and sortKey as Value
{
"AWSTemplateFormatVersion" : "2010-09-...
- 8,452
74
votes
13
answers
120k
views
Can I force delete an AWS CloudFormation stack that is In Progress of Rollback
An AWS CloudFormation rollback (e.g., UPDATE_ROLLBACK_IN_PROGRESS) has been in progress forever, like over an hour and a half. I want to delete the stack altogether or force stop any activity. Is this ...
- 2,304
68
votes
14
answers
61k
views
How to create a new version of a Lambda function using CloudFormation?
I'm trying to create a new version of a Lambda function using CloudFormation.
I want to have multiple versions of the same Lambda function so that I can (a) point aliases at different versions - like ...
- 1,545
67
votes
1
answer
30k
views
Name an EC2 Instance in the CloudFormation template?
I have a template that works and generates a stack but I cannot find a property to set or something else that allows me to give a Name to the EC2 Instance I have created. When it is generated the Name ...
- 2,089
66
votes
11
answers
40k
views
CloudFormation doesn't deploy to API gateway stages on update
When I run CloudFormation deploy using a template with API Gateway resources, the first time I run it, it creates and deploys to stages. The subsequent times I run it, it updates the resources but ...
- 11.3k
64
votes
8
answers
94k
views
AWS API Gateway: User anonymous is not authorized to execute API
Trying to post to an API I've created in API gateway:
{
"Message": "User: anonymous is not authorized to perform: execute-api:Invoke on resource: arn:aws:execute-api:us-west-2:***********:...
- 4,006
63
votes
4
answers
74k
views
AWS CLI S3: copying file locally using the terminal : fatal error: An error occurred (404) when calling the HeadObject operation
I'm trying to copy files locally from s3 bucket. I can get the list of files on my bucket:
aws s3 ls s3://myBucket/myDirectory/todaysFiles/
But when I try to copy the files locally:
aws s3 cp s3://...
- 8,900
63
votes
2
answers
68k
views
How to re-deploy stack when getting 'resource already exists in stack' error, without deleting the resource
I am trying to add a 'get' function to an already existing DynamoDB table in AWS. I added a yml file for the table, and when I tried to deploy the stack, it said that the resource for my table already ...
63
votes
5
answers
27k
views
Is there a way to run initial SQL when creating an RDS database instance using CloudFormation?
I am creating an RDS instance using CloudFormation using this:
"Resources": {
"myDB": {
"Type": "AWS::RDS::DBInstance",
"Properties": {
"...
- 10.3k
61
votes
4
answers
34k
views
The target group does not have an associated load balancer
I want to create ECS service from Cloud Formation Script. The service needs to be exposed to outside with Application Load Balancer
I have created Elastic Load Balancer, a Listener and ListnerRule
...
- 801
59
votes
10
answers
23k
views
Unable to delete cfn stack, role is invalid or cannot be assumed
I'm new to aws cloudformation; I'm wondering if anybody knows of a way to force delete a stack when it just won't delete. It fails with this error:
Failed to delete stack: Role arn:aws:iam::role/...
- 6,036
58
votes
8
answers
42k
views
Cloudformation template for creating ECS service stuck in CREATE_IN_PROGRESS
I am creating an AWS ECS service using Cloudformation.
Everything seems to complete successfully, I can see the instance being attached to the load-balancer, the load-balancer is declaring the ...
- 1,180
55
votes
6
answers
30k
views
What IAM permissions are needed to use CDK Deploy?
My team has a pipeline which runs under an execution IAM role. We want to deploy code to AWS through CloudFormation or the CDK.
In the past, we would upload some artifacts to S3 buckets before ...
- 685
54
votes
3
answers
37k
views
What is Sid attribute use for in key policies?
Here is a documentation:
Sid – (Optional) The Sid is a statement identifier, an arbitrary string you can use to identify the statement.
Does it means that Sid parameter is just description?
- 32.4k
52
votes
6
answers
78k
views
How to check if specific resource already exists in CloudFormation script
I am using cloudformation to create a stack which inlcudes an autoscaled ec2 instance and an S3 bucket. For the S3 bucket I have DeletionPolicy set to Retain, which works fine, until I want to ...
- 1,830
51
votes
5
answers
70k
views
AWS cloud formation Template- providing Tags for the stack in the template
We wanted to use company specific Tags to the resources that we create in AWS for billing purposes. I am using a cloud formation template to spin up our Elasticbeanstalk instance and other project ...
- 575
51
votes
1
answer
21k
views
How to escape "${}" in cloudformations "Fn::Sub"
I want this resource to work with the !Sub (or Fn::Sub) intrinsic function
Resource: !Sub 'arn:aws:iam::${AWS::AccountId}:user/${aws:username}'
The aws:username is a policy variable that mustn't be ...
- 6,407
51
votes
3
answers
19k
views
AWS CloudFormation create-stack vs deploy
Can someone clearly explain to me difference and precedence between AWS CLI Cloudformation create-stack and deploy commands? For me it seems like they do same thing and deploy resources.
Why when you ...
- 2,168
51
votes
7
answers
33k
views
Is there a way to unit test AWS Cloudformation template
When we say that cloudformation is 'Infrastructure as Code', the next question that immediately comes to mind is how can this code be tested.
Can we do some sort of basic unit test of this code
And I ...
- 11.4k
49
votes
9
answers
28k
views
Cloudwatch failedinvocation error no logs available [closed]
I have set up a Cloudwatch rule event where an ECS task definition is started when a previous task definition is completed.
I can see the event triggers the task definition however it fails.
The ...
- 641
47
votes
4
answers
36k
views
Export AWS configuration as CloudFormation template
I´m using AWS CLI and CloudFormation, and I could not find any reference in the documentation.
Does anybody know if it´s possible to create a CloudFormation template from a current configuration.
Let´...
- 13.2k
46
votes
6
answers
32k
views
Enable CORS for API Gateway in Cloudformation template
I'm creating AWS Cloudformation template for my environment and I can't find a way to enable CORS for API Gateway method.
I can configure it using AWS console (here is the official doc), but how can ...
- 2,405
46
votes
5
answers
29k
views
InsufficientCapabilitiesException [CAPABILITY_NAMED_IAM] when creating a stack with IAM policies
I get this error when I run create-stack for a cloudformation template that contains IAM policies.
aws cloudformation create-stack --stack-name iam-stack --template-body file://./iam.yml --...
- 2,301
45
votes
3
answers
67k
views
How to resolve "The maximum number of addresses has been reached" for AWS VPC Elastic IP addresses?
I'm working with CDK/CloudFormation and recently started getting this error when attempting to create a new stack:
The maximum number of addresses has been reached.
Looking in the AWS Management ...
- 38.3k
45
votes
2
answers
49k
views
AWS SQS trigger Step Functions
Quick question: Is it possible to trigger the execution of a Step Function after an SQS message was sent?, if so, how would you specify it into the cloudformation yaml file?
Thanks in advance.
- 915
43
votes
1
answer
19k
views
Setting the capability for aws cloudformation template-validate
I am trying to validate a Cloudformation template. The command I am issuing is:
▶ aws cloudformation validate-template --template-body file://template.json
The response I am getting, however, is:
"...
- 14.9k
41
votes
3
answers
36k
views
How do you set SSE-S3 or SSE-KMS encryption on S3 buckets using Cloud Formation Template?
I'm trying to use a CloudFormation Template to spin up an S3 Bucket in AWS. One of the requirements for this project is that the bucket be encrypted in place. I've been trying to find a way to set ...
- 1,215
41
votes
1
answer
32k
views
Negate a Condition in CloudFormation Template
I have the following condition, accordingly to that condition I create some resources, while if that condition is not met then I create other resources.
Conditions:
ISProduction:
"Fn::Equals":
...
- 2,927
41
votes
3
answers
33k
views
NLB Target Group health checks are out of control
I have a Network Load Balancer and an associated Target Group that is configured to do health checks on the EC2 instances. The problem is that I am seeing a very high number of health check requests; ...
- 1,712
41
votes
4
answers
35k
views
How to fix a drifted AWS CloudFormation stack?
How to fix a drifted AWS CloudFormation stack? I modified a BackendECS Service and it is now "drifted" but there's no information on how to resolve this? This is driving me insane? Zero information on ...
- 1,282
40
votes
3
answers
29k
views
AWS Cloudformation: Conditionally create properties of resources
I know that it is possible via the use of Conditions to conditionally (what else?) create resources.
I am trying to find a way though to conditionally create properties of resources;
in my case I ...
- 18k
39
votes
7
answers
37k
views
AWS Lambda scheduled event source via cloudformation
I already have my lambda / roles defined in cloudformation and would love to also use it to add a scheduled eventsources ... are there any docs or examples around ?
- 14.9k
39
votes
8
answers
24k
views
AWS::Event::Rule FailedInvocation debug info?
I have a AWS::Event::Rule that routes a S3 put event to a ECS task. I can see the rule is being triggered from the metrics, but also see FailedInvocation on every trigger. I suspect that's a ...
- 2,498
39
votes
4
answers
71k
views
How do I update a CloudFormation stack with state UPDATE_ROLLBACK_COMPLETE?
Is it impossible to update a CloudFormation stack once it goes into the UPDATE_ROLLBACK_COMPLETE state? I am using CodePipeline to deploy things. I find that once a stack goes into some invalid state, ...
- 85.9k
38
votes
7
answers
50k
views
Is it possible to trigger a lambda on creation from CloudFormation template
I tried creating a set of lambdas using cloudformation. I want the lambdas to get triggered once they are created. I saw at various blogs to create a trigger to s3 or sns but none seems to be a option ...
- 1,830
38
votes
5
answers
49k
views
Enable Lambda function to an S3 bucket using cloudformation
We are creating an S3 bucket using a CloudFormation template. I would like to associate (Add an event to S3 bucket) a Lambda function whenever a file is added to the S3 bucket.
How is it possible ...
- 7,644