Questions tagged [aws-cloudformation]
For questions about CloudFormation, the part of Amazon Web Services (AWS) that provides a way to manage a collection of related AWS resources.
8,333
questions
19
votes
6
answers
32k
views
how to connect a cloudwatch alarm to a lambda function
How do you connect an aws cloud watch alarm to a lambda function invocation?
I am programmatically adding a cloud watch alarm to the ELBs that we create as part of a cloud formation stack via AWS ...
19
votes
3
answers
24k
views
Dynamic environment variables for AWS Lambda using cloudformation template
I have to use AWS lambda in various stack of my application, thus I have created a generic cloud-formation template to create a lambda function. This template can be included in another cloud-...
19
votes
2
answers
9k
views
Could not create AWS::ECS::Service via cloudformation yaml, got Model validation failed
During creation of AWS::ECS::Service via CloudFormation I got the error: Model validation failed
The error is related to #HealthCheckGracePeriodSeconds and some other properties. Error detail is: ...
19
votes
1
answer
5k
views
How can I reference the Default VPC in CloudFormation?
I have a stack which needs resources which need to be deployed in a certain VPC. I want to use the default VPC but I don't want to parameterize this. Is there a way to automatically obtain the default ...
18
votes
4
answers
42k
views
How to add S3 BucketPolicy with AWS CDK?
I wanna translate this CloudFormation piece into CDK:
Type: AWS::S3::BucketPolicy
Properties:
  Bucket:
    Ref: S3BucketImageUploadBuffer
  PolicyDocument:
    Version: "2012-10-17"
    Statement:
...
18
votes
5
answers
40k
views
CloudFormation is not authorized to perform: iam:PassRole on resource
This is part of the code of my template.yml in Cloud9:
Type: 'AWS::Serverless::Function'
Properties:
  Handler: index.handler
  Runtime: nodejs6.10
  CodeUri: .
  Description: Updates records in the ...
18
votes
2
answers
11k
views
How to add a RDS instance to a VPC using aws cloudformation
When I launch a RDS instance manually I'm able to assign what VPC I want it to be part of. I'm trying to create a stack using AWS cloudformation, however I do not see an API to be able to do that. I ...
18
votes
2
answers
19k
views
How do I create an Ec2 Instance with a Public IP automatically **without** declaring an Elastic IP in cloudformation?
In AWS Cloudformation, is there any way to declare an EC2 instance in VPC with a Public IP without the need to declare an Elastic IP and attach to it?
In AWS::AutoScaling::LaunchConfiguration, you ...
18
votes
4
answers
28k
views
AWS Cloud Formation Stuck in Review_In_Progress
I was trying to set up AWS Code Pipeline with AWS SAM for Lambda using Java-8 as mentioned in the documentations
http://docs.aws.amazon.com/lambda/latest/dg/automating-deployment.html
(example is in ...
18
votes
1
answer
17k
views
CloudFormation Stack Errors with REST API Doesn't Contain Any Methods
Get the following when deploying a CloudFormation stack:
The REST API doesn't contain any methods (Service: AmazonApiGateway;
Status Code: 400; Error Code: BadRequestException; Request ID:
...
18
votes
2
answers
38k
views
Getting an error trying to create an AWS API Gateway via Cloudformation
I'm trying to make a simple Cloudformation to create a website hosted on S3 with an API Gateway backend. Everything seems OK as far as I can tell but I get errors when trying to create the API Gateway:...
18
votes
2
answers
7k
views
Cloudformation error: route table X and network gateway Y belong to different networks
I have the following network ELB networking resources config, in order to route outbound traffic through a single elastic ip.
I get the following error:
"AWS::EC2::Route PublicRoute CREATE_FAILED: ...
18
votes
3
answers
14k
views
Trying to pass parameters from Master to child template
I'm trying to pass list parameters from master to child template, however I'm running into two errors. These are my current parameters on the master template.
"Parameters": {
  "ELBSubnets": {
    ...
18
votes
5
answers
15k
views
Referencing !Ref DynamoDB table name in a AWS CloudFormation template
I am trying to locally test passing the table name of a DynamoDB table as declared in my CloudFormation template file.
From all the documentation I have read, I should be able to reference the ...
18
votes
4
answers
8k
views
CloudFormation cross-stack vs nested-stack
I'm facing a decision to Use Cross-Stack References to Export Shared Resources or to Use Nested Stacks to Reuse Common Template Patterns following AWS CloudFormation best practices.
However, they ...
18
votes
5
answers
16k
views
AWS Cloudformation Role is not authorized to perform AssumeRole on Role
I am trying to execute a cloudformation stack which contains the following resources:
Codebuild project
Codepipeline pipeline
Roles needed
While trying to execute the stack, it fails with the ...
18
votes
1
answer
6k
views
aws CloudFormation AWS::EC2::Instance BlockDeviceMappings and Volumes
I am sort of confused about two AWS::EC2::Instance properties:
BlockDeviceMappings and Volumes.
I have read documentation a number of times but still don't really understand the difference.
Here is ...
18
votes
1
answer
3k
views
How does AWS Amplify cloudformation parameter.json work?
I recently started using AWS Amplify and I've had experience using vanilla cloudformation. Most of it makes sense except for the parameters.json part.
It seems that Amplify generates cloudformation ...
17
votes
8
answers
37k
views
Unable to add cloudfront as trigger to lambda function
Hi I've followed this instruction try to resize image with Cloudfront and lambda@edge. When I tried to test the resized image, I keep getting the error message below:
The Lambda function associated ...
17
votes
4
answers
24k
views
AWS CloudFormation function call fails: Fn::ImportValue must not depend on any resources, imported values, or Fn::GetAZs
I have a cloud formation template (mainVPC) that creates few Subnets in a VPC and exports the subnets with names "PrivateSubnetA", "PrivateSubnetB" ...
I have a different cloud formation template that ...
17
votes
4
answers
20k
views
How can I (securely) download a private S3 asset onto a new EC2 instance with cloudinit?
I'm using CloudFormation to manage a Tomcat webserver stack but am tired of doing raw AMI management for new application versions. I'd like to move in the direction of Chef but don't have the time ...
17
votes
5
answers
21k
views
AWS CFN "The parameter groupName cannot be used with the parameter subnet"
This is driving me mad and no matter what I try I always get the following error when creating the stack:
*The parameter groupName cannot be used with the parameter subnet*
I have triple checked ...
17
votes
4
answers
24k
views
How to deny all outbound traffic from an AWS EC2 Instance using a Security Group?
I am trying to set an AWS Security Group egress rule which blocks all outbound traffic. It has been known that by default, security groups allow all outbound traffic.
I am using AWS CloudFormation ...
17
votes
5
answers
16k
views
CloudFormation template - Using existing IAM role in for Lambda functions
I'm trying to use an existing role (present in the AWS account) in a CloudFormation template to set up a Lambda function. I plan to use this across multiple AWS accounts.
In the CF template, I'm ...
17
votes
4
answers
24k
views
How to use !FindInMap in !Sub | userdata section
Currently I am converting CFT from JSON to YAML. Everything works fine until the UserData section. I am having a hard time using any of the functions like !Ref or !FindInMap in the UserData section.
UserData:
...
17
votes
1
answer
25k
views
AWS Cloudformation create resource conditionally
I was looking at the Condition Function Fn::If: to create or provision a resource only if a condition is evaluated to true. In my case, created a policy if the environment is prod.
Parameters:
  Env:
...
17
votes
4
answers
44k
views
How do I force a CloudFormation stack to update when the parameter is updated?
I am running a AWS CloudFormation stack that takes in some parameters and launches EC2 instances along with other AWS resources. The parameters are fed into the user data of the EC2 instance and based ...
17
votes
4
answers
28k
views
The new key policy will not allow you to update the key policy in the future
The title says it all. I am getting this error whenever I try to create a KMS key via an AWS CloudFormation template. I am creating the template as an IAM user with administrative permissions, and I ...
17
votes
1
answer
12k
views
Resolution error: Cannot use resource 'x' in a cross-environment fashion, the resource's physical name must be explicit set
I'm trying to pass an ecs cluster from one stack to another stack.
I get this error:
Error: Resolution error: Resolution error: Resolution error: Cannot use resource 'BackendAPIStack/BackendAPICluster'...
17
votes
1
answer
9k
views
Template format error: Every Mappings attribute must be a String or a List
I wanted to have some quick references at the top of my CloudFormation template, so that I don't have to write out a complex reference every time I need it throughout the template.
So I wrote this:
...
17
votes
2
answers
11k
views
Using CloudFormation to configure CloudFront with an S3 origin
I am trying to use CloudFormation for the first time to configure a CloudFront distribution that uses an S3 bucket as its origin.
However I am receiving the error One or more of your origins do not ...
17
votes
7
answers
27k
views
How to pass parameter as a file in AWS CloudFormation deploy?
I was trying to update the existing CloudFormation stack with the below command.
aws cloudformation deploy
There is no option to pass a parameter file with the deploy option. We tried to pass parameter ...
17
votes
3
answers
9k
views
How to add AWS WAF to an ALB via CloudFormation
I can't find any examples or documentation on how to associate a WAF with an ALB via CloudFormation. Supposedly it's possible going by this news announcement https://aws.amazon.com/about-aws/whats-new/...
17
votes
2
answers
16k
views
How to attach and mount volumes to an EC2 instance using CloudFormation
I can't find a way to attach and mount volumes using cloudformation.
I can attach a volume using VolumeAttachment; however, when I do lsblk after my EC2 instance is in running state, I see this ...
17
votes
2
answers
8k
views
What to bake into an AWS AMI and what to provision using cloud-init?
I'm using AWS Cloudformation to setup numerous elements of network infrastructure (VPCs, SecurityGroups, Subnets, Autoscaling groups, etc) for my web application. I want the whole process to be ...
17
votes
4
answers
3k
views
Set Cognito Verification Type to Link in CloudFormation
I'm trying to figure out how I can set the verification type from Code (default) to Link in my CloudFormation template.
In the website I can set it here:
If I take a look at the docs there is ...
17
votes
2
answers
13k
views
How do I supply different conditions based on a parameter in an IAM Role CloudFormation Template
I'm writing a CloudFormation template for an IAM role that I will assume through STS. I need to add a condition where a key equals a value, where both the key and value depends on a "Stage" parameter. ...
17
votes
2
answers
7k
views
AWS Managed Policy Vs Policy
Can someone explain to me the difference between an AWS Policy and an AWS Managed Policy in the context of Cloud Formation?
More specifically, I'm trying to define an auto scaling template where:
...
17
votes
1
answer
16k
views
CloudFormation IAM Role -- AssumeRolePolicyDocument
So I'm constructing a cf stack for a role in AWS and I don't know how to go about the AssumeRolePolicyDocument field when designing a role that is not resource-based.
All the examples I've tried to ...
17
votes
3
answers
10k
views
Where to find CloudFormation log stream
I used this CloudFormation template to create a stack: https://fwd.aws/mDMrd
One of the steps failed, and the status reason given is:
Failed to create resource. See the details in CloudWatch Log ...
17
votes
4
answers
7k
views
Is there a way to tag a root volume when initializing from the cloudformation template?
I am creating an instance through the cloud formation script.
The only way I found to attach an OS partition was through "BlockDeviceMappings" property. (I've tried to use "Volumes" property before, ...
16
votes
4
answers
25k
views
enabling CORS for AWS API gateway with the AWS CDK
I'm trying to build an application with the AWS CDK and if I were to build an application by hand using the AWS Console, I normally would enable CORS in API gateway.
Even though I can export the ...
16
votes
3
answers
26k
views
Security Group and Subnet Belongs to different networks
I am creating a basic AWS CloudFormation Template with one VPC, 3 Security Groups and 5 EC2 Instances. My security group looks something like this:
{
  "WebApplicationServerSG": {
    "Type": "AWS::...
16
votes
6
answers
21k
views
AWS CloudFormation: Combining ImportValue and Sub functions causes error
When uploading my template to CloudFormation I am receiving the following validation error:
Template validation error: Template error: the attribute in
Fn::ImportValue must not depend on any ...
16
votes
5
answers
18k
views
Unable to add GSI to DynamoDB table using CloudFormation
I have an existing DynamoDB table that is defined as part of a CloudFormation stack. According to the CFN AWS::DynamoDB::Table documentation the GlobalSecondaryIndexes attribute does not require ...
16
votes
6
answers
16k
views
How to provision a CloudFront distribution with an ACM Certificate using Cloud Formation
I am attempting to set a certificate in my CloudFrontDistribution using Cloud Formation.
My certificate has been issued via Certificate Manager. It has been approved, and I have validated that the ...
16
votes
6
answers
16k
views
Add an unknown-sized list of security groups to an EC2 instance
We have a CloudFormation template that creates an EC2 instance and a security group (among many other resources), but we need to be able to add some additional pre-existing security groups to that ...
16
votes
1
answer
21k
views
How to refer a derived variable in CloudFormation?
I am looking for small help in CloudFormation and could not find help from documentation or may be not searching the question in right way.
Here is the question.
I am getting availability zones for ...
16
votes
3
answers
31k
views
If else condition cloudformation
I would like to populate a value in cloudformation depending on input parameter. I want to assign Name as either test-svc.abc.com or svc.abc.com depending on whether environment name is prod or not. ...
16
votes
1
answer
7k
views
Cloudformation won't deploy changes when default param is changed
I have this template:
Parameters:
  ALBPort:
    Type: Number
    Description: The loab balancer port (how the app is accessed externally)
    Default: 8000 #changing this
...
Resources:
...