Questions tagged [amazon-cloudformation]

1

votes
1

answer
404

Views

CloudFormation issue: couldn't delete stack

I create CloudFormation template for our resources, it includes Lambda functions, API Gateways, Roles, etc. For verifying our template I create CloudFormation stack using it, check some resources which I updated and after that I delete stack. But last time I got such message when I tried to delete s...
Gleb Kosteiko
0

votes
0

answer
3

Views

Terraform aws_cloudformation_stack AlreadyExistsException

When running Terraform to execute a Cloudformation stack via the resouce aws_cloudformation_stack, the error 'AlreadyExistsException' appears when running against a stack that already exists. Is it possible to skip over the stack when it exists rather and continue with other resource deployments, ra...
sweeny_here
1

votes
1

answer
486

Views

CREATE_FAILED while creating the CloudFormation Stack from Hyperledger template

I am using this template to create the stack: https://aws-blockchain-templates-us-east-1.s3.us-east-1.amazonaws.com/hyperledger/fabric/templates/simplenetwork/latest/hyperledger.template.yaml While following this blog-post from AWS, I am getting an error. Blog - Post Link : https://aws.amazon.com/b...
Deep
1

votes
1

answer
99

Views

Difference between AWS::Serverless::Function and AWS::Lambda::Function

I am developing aws lambda function and I have an option of using one of these two function, but I don't find any good place where I can see the difference between these two. Which one should be used and in which case?
hello123
1

votes
0

answer
468

Views

Can you have an optional parameter in CloudFormation for AWS Specific Parameters?

How do you include an optional list of AWS specific resources in a CloudFormation template? For example, an optional list of existing EBS volumes to attach to an EC2 instance? The parameter would be defined as usual: AdditionalExistingVolumes: Type: List Description: Existing AWS volumes to attach t...
Rob Paterson
1

votes
1

answer
1.4k

Views

User is not authorized to perform: SNS:CreateTopic on resource

I wanted to monitor certain parameters (TotalErrorRate and Latency) with CloudWatch and I wanted a 'Simple Notification Service' (SNS) to send me an email, when an (cloudWatch) alarm is thrown: EscalationTopic: Type: 'AWS::SNS::Topic' Properties: DisplayName: My Monitoring Subscription: - Endpoint:...
thadeuszlay
1

votes
0

answer
164

Views

AWS Elastic Beanstalk CloudFormation script: unable to sign request without credentials set

I'm new to CloudFormation scripts. Trying to build a Beanstalk environment and it mostly created, except that log streaming configuration fails, and the startup script aborts after that: [2018-06-26T12:28:41.358Z] INFO [2990] - [Application deployment/AddonsBefore/ConfigCWLAgent/10-config.sh] :...
Arthur
1

votes
1

answer
45

Views

How to add trigger for Lambda, with swagger and RestApi?

I'm trying to create Api gateway and lambda function with cloudformation. Current I'm able to create api gateway with swagger, and lambda function. The issue I have is the lambda function dont have the trigger with support to be api gateway. How to add trigger to this lambda function ? the RestApi D...
daniel
1

votes
0

answer
78

Views

Disable/Prevent CloudWatch Alarms when creating a new DynamoDB table with CloudFormation

I have several non-scaling DynamoDB tables created via CloudFormation. Each table auto-creates CloudWatch Alarms (and more for each GSI). In PROD this is okay, but in DEV this adds up in terms of cost. For example, for action table with a GSI I get the following alarms created: action-ReadCapacityUn...
pjb
1

votes
1

answer
164

Views

CloudFormation is not executing my command?

I am executing command through CloudFormation but it is not working. Also I am not getting any error in logs. Able to create instance & EBS with this template but command is not being executed. This the template which I am using: { 'Description' : 'AWS CloudFormation Sample Template EC2InstanceWit...
1

votes
0

answer
59

Views

CloudWatch dashboard: Environment failed to launch as it entered Terminated state

I'm getting this error when something is wrong with a config file in the .ebextensions folder. There is nothing more in the log that would help. Where can I find additional information on what went wrong in cases like this? Log excerpt: 08:09:42 UTC+0200 ROLLBACK_IN_PROGRESS AWS::CloudFormation...
Arthur
1

votes
0

answer
192

Views

CloudFormation - Structure of the SAM template is invalid. 'Resources' section is required

I am trying to deploy a lambda using code pipepline and code deploy using sam yml but it fails with following error: FAILED - Transform AWS::Serverless-2016-10-31 failed with: Invalid Serverless Application Specification document. Number of errors found: 1. Structure of the SAM template is invalid....
Mehjabin
1

votes
1

answer
103

Views

Choosing active SES ReceiptRuleSet in CloudFormation / Troposphere

I am creating a ReceipRuleSet with troposphere like this : ReceiptRuleSet( title='SesRuleset', RuleSetName='ses-ruleset' ) However, when I upload the stack with the generated CloudFormation template, the RuleSet appears as inactive in SES. Does anyone knows if there is a way to set the created RuleS...
T. Garcin
1

votes
1

answer
244

Views

How to use AWS CloudFormation templates with Simple System Management and ElasticBeanstalk

I am trying to use AWS CloudFormation templates together with SSM and ElasticBeanstalk, but get the following error: Service:AmazonCloudFormation, Message:Stack named 'awseb-e-dg6tmg2rmj-stack' aborted operation. Current state: 'UPDATE_ROLLBACK_IN_PROGRESS' Reason: The following resource(s) failed t...
Smolvis
1

votes
0

answer
50

Views

Is there anyway to determine what IAM permissions I actually need for a CloudFormation template?

Just wondering whats the best practice for determining what permissions I should give for my CloudFormation template? After some time of trying to give the minimal permissions it require, I find that thats really time consuming and error prone. I note that depending on the state of my stack, really...
Jiew Meng
1

votes
0

answer
151

Views

After installing IIS Manager, must I restart before I can stop the Default Web Site and start a new one?

Or is there some way I can install IIS and IIS Manager without needing to restart? I'm using CloudFormation to create a web stack in AWS. The template installs IIS and IIS Manager and then attempts to create various sites via Powershell. The scripts in the tempalte fail because the Default Web Site...
Jason
1

votes
0

answer
34

Views

Start-Process cmd does not work with Credential parameter when invoked from AWS Cloudformation template

I am creating an EC2 instance on AWS using Cloudformation template. As part of that template i am invoking a powershell script which performs the below steps (the script performs other tasks as well, but the below lines cause the error) $MyFolder = 'C:\installers\temp\Database' $MyRHFolder = $MyFold...
Rishabh
1

votes
0

answer
43

Views

How to get the auto generated RestApi from my AWS SAM template? To use in another SAM template

I used AWS SAM to generate my Lambda/APIs. But I want to be able to get this RestApi so I can use it in another SAM template. The idea is to have 1 base infra CloudFormation/SAM template that creates the network, ALB, API Gateway things Then each 'micro-service' will have its own SAM template and...
Jiew Meng
1

votes
0

answer
48

Views

Configuring API Gateway to respect x-amz-log-type for lambda function

I have a lambda function I am invoking from outside AWS. I would like to use the LogType config option but I am not sure how to successfully pass this through API Gateway to be used by the lambda. I have tried to sent them as headers through curl, but that does not seem to work: curl --header '-Amz-...
enderland
1

votes
0

answer
264

Views

AWS SES Configset - Can't create an event destination to SNS using AWS cloud formation stack

I can't seem to be able to create a new AWS SES configset using AWS Cloud Formation stack. The error says 'YAML not well-formed' Below is my json template for the CF stack: 'Resources' : { 'ConfigSet': { 'Type': 'AWS::SES::ConfigurationSet', 'Properties': { 'Name': 'CS_EMAIL_TRACKING' } }, 'CWEventD...
Anshuman
1

votes
0

answer
31

Views

Modify datapoints value in cloudwatch alarm with cloudformation

The number of datapoints that must be breaching to trigger the alarm can be configured and its documented in the PutMetricAlarm API reference but it's missing from the CloudFormation docs. I tried to do it in Java with Cloudformation but it returns an error that property is unknown. Is there any was...
João Pereira
1

votes
0

answer
198

Views

How to get cognito user's “username” in cloudformation

I created a user like: SuperAdminUser: Type: AWS::Cognito::UserPoolUser Properties: DesiredDeliveryMediums: - EMAIL Username: !Ref SuperAdminEmail UserAttributes: - Name: email Value: !Ref SuperAdminEmail UserPoolId: Fn::ImportValue: !Sub ${BaseStack}-Cognito And the user pool is defined: CognitoU...
Jiew Meng
1

votes
1

answer
400

Views

Cloud Formation AWS::Cognito::UserPoolUser temporary password

I'm creating Cognito user using Cloud Formation template for Kibana cognito authentication. How to provide temporary password in the template?
Murugesh
1

votes
0

answer
219

Views

Problems running puppeteer inside EC2 instance

I am using AWS CloudFormation to deploy my application inside AWS. I'm using a t2.2xlarge EC2 instance inside an ECS Cluster with Load Balancing. I have a microservice written in nodejs that process some HTML, converts it to PDF and upload the output to S3. That's where I use puppeteer. The proble...
jprivillaso
1

votes
0

answer
16

Views

debugging bastion-linux template failure “The following resource(s) failed to create: [BastionAutoScalingGroup]” with awscli

I'm trying to follow this procedure to place a bastion-linux host into an existing vpc. However, it's now failing with the message as the StackStatusReason: The following resource(s) failed to create: [BastionAutoScalingGroup] How can I debug the reason from this further using the awscli?
monkut
1

votes
1

answer
185

Views

AWS CloudFormation: CREATE_FAILED DBSecurityGroup is not supported in this region (London)

I am trying to reapply a cloudformer template from another account but in the same region, EU-West-2 (London). When I apply the template I get the following error: 10:05:10 UTC+0100 CREATE_FAILED AWS::RDS::DBSecurityGroup dbsgdefault DBSecurityGroup is not supported in this region Client Reque...
A West
1

votes
2

answer
530

Views

AWS Cloud Formation; Breaking up template into several files and passing in variables with cfn-include

I'm running into some issues with my aws cloud formation template. I have a general staging.yaml file where I define all my lambdas and apis. Problem is, that file has gotten WAY too big. So I decided to use this package: https://www.npmjs.com/package/cfn-include. So I can break the file up into sev...
John David
1

votes
0

answer
141

Views

AWS Cloudformation: cfg-init not adding keys to authorized_keys file

Trying to pre-populate an instance (created from an ECS-optimized AMI to be more specific) with some public keys as follows: Resources: MyEC2Instance: Type: AWS::EC2::Instance Properties: ImageId: 'ami-0af844a965e5738db' KeyName: 'some_existing_key' InstanceType: 't3.small' Metadata: AWS::CloudFor...
pkaramol
1

votes
1

answer
358

Views

AWS Codepipeline does not update my ECS Cluster

I have created two stacks using CloudFormation. The first stack, creates a Cluster with its needed resources: Load Balancer Autoscaling Groups Target Groups Listeners EC2 Instances Task definitions and services Etc... The second stack is used to create the CodePipeline stack, in order to configure...
jprivillaso
1

votes
2

answer
399

Views

Cfn-hup does not run on updating the Stack

I have a CF template that creates a EC2 Instance and I'm doing some bootstrapping there within Metadata to install httpd and create a simple index.html in /var/www/html/index.html and starting the httpd. I have also configured cfn-hup helper to run and execute the UserData again when stack is update...
Mahtab Alam
1

votes
1

answer
94

Views

StreamEnabled table property causes Serverless failure

I'm using Serverless to deploy my AWS cloudformation stack. On one of my tables, I enable streams via 'StreamEnabled': true. When this is enabled, I get an error on deployment: Encountered unsupported property StreamEnabled. If I remove the property, I get a validation exception: ValidationException...
skwny
1

votes
1

answer
220

Views

Pass multiple parameters to DBParameterGroup in YAML CloudFormation

I have the following cloudformation template. The goal is to only create a parameter group if the user wants to and then to populate the RDS parameters in the parameter group with the contents of the cloudformation template parameters. Parameters: UseCustomParameterGroup: Description: Toggle to 'Ye...
fishpen0
1

votes
2

answer
46

Views

cross-referencing cloudformation not working

I have created a policy template and outputted the ARN: Resources: # Codebuild Policies CodeBuildServiceRolePolicy1: Type: AWS::IAM::ManagedPolicy Properties: Description: 'This service role enables AWS CodePipeline to interact with other AWS services, including AWS CodeBuild, on your behalf' Path:...
aerioeus
1

votes
0

answer
726

Views

The parameter CNAME contains one or more parameters that are not valid

The parameter CNAME contains one or more parameters that are not valid. (Service: AmazonCloudFront; Status Code: 400; Error Code: InvalidArgument; Request ID: dfeb983d-b398-11e8-a2d5-5f6a8378e402) I am following the install guide at http://templates.cloudonaut.io/en/stable/wordpress/#wordpress-fault...
Dillon
1

votes
1

answer
102

Views

Dynamic AWS Sam Schedule Event Input param

We are automating a lambda via SAM to run on a Schedule Event. We use YAML but we are unable to work out how to use !Sub to make the Input be dynamic. If you read the sam documentation it says that Input needs to be a JSON formatted string The following code works for us: Events: Event1: Type: Sched...
newbreedofgeek
1

votes
0

answer
183

Views

AWS SAM cloudformation: API Gateway can't invoke lambda (AWS::Serverless::Function )

I created a template.yaml file to declare a simple lambda function that is invoked by api gateway. When I try to invoke the function from the api gateway url the request fails with {'message': 'Internal server error'} and in cloudwatch api gateway logs I see the error message Invalid permissions on...
Bruno Negrão Zica
1

votes
1

answer
271

Views

How to ensure Resource deletion/creation order during AWS Cloudformation Update

My use case is that we already have a stack created out of AWS Cloudformation. Now I want to update that stack and my requirement is that I want to delete a resource that was already created and add the new modified resource but I want to make sure that the delete happens before the create part. I...
Arafat Nalkhande
1

votes
0

answer
198

Views

How does one add an iam:PermissionsBoundary to a role created via CloudFormation template

I have a user who can create roles iff there is an attached permission boundary. The user can execute this function via the AWS console and via API calls from the API. However, there does not seem to be a way to automate the process in CloudFormation. Is it possible to create a role in a CFT and att...
Ian Jenkins
1

votes
1

answer
53

Views

Pipeline replaces previously deployed lambda when deploying new lambda

I'm referencing this aws tutorial to deploy our lambdas cross-account wise. I'm able to get the lambdas to deploy over successfully but I notice that if I go deploy another lambda (lambda_b), RE-USING the SAME pipeline but for a different lambda, this different lambda (lambda_b) will replace the oth...
pelican
1

votes
1

answer
252

Views

Edit AWS Cognito Identity Pool using serverless.yml

I am configuring an AWS Cognito Identity Pool using the severless framework, and I am editing a file in the yml configuration to add an unauthenticated role for users to upload an image to an s3 bucket. The code was previously deployed without an unauthenticated role being specified, and the deploym...
Staneslevski

View additional questions