Cloudformation LaunchTemplate referencing IamInstanceProfile fails to create

Tags:

amazon-cloudformation

I am trying to create a LaunchTemplate, which references an IamInstanceProfile, in my Cloudformation stack. Here is the code- i have omitted the irrelevant parts:

...
            Resources:
              ServerLaunchTemplate:
                Type: 'AWS::EC2::LaunchTemplate'
                Properties:
                  LaunchTemplateData:
                    InstanceType: !Ref InstanceType
                    SecurityGroups:
                      - !Ref SecGroup
                    IamInstanceProfile: !Ref ServerProfile
                    UserData:
        ...
              ServerProfile:
                Type: 'AWS::IAM::InstanceProfile'
                Properties:
                  Path: /
                  Roles:
                    - !Ref ServerRole
...

The ServerProfile gets created successfully. However when the stack creation process reaches the step of creating the ServerLaunchTemplate, it fails with the error:

Property validation failure: [Value of property {/LaunchTemplateData/IamInstanceProfile} does not match type {Object}]

If i omit the reference to the IamInstanceProfile, the LaunchTemplate get created successfully.

According to the documentation and some examples this should work... Based on the error i understand, that the InstanceType field of the LaunchTemplate needs to reference an object, but "!Ref InstanceType" returns the resource id.

How can i fix this? How could i retrieve the object, that is presumably required by the "/LaunchTemplateData/IamInstanceProfile" field?

Thank you

289

asked Dec 19 '18 15:12

Konstantinos Pachopoulos

1 Answers

Easy to miss in the docs: IamInstanceProfile requires an IamInstanceProfile Cloudformation object with the Arn of the referenced IamInstanceProfile being a property of it.

See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html#cfn-ec2-launchtemplate-launchtemplatedata-iaminstanceprofile and https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-iaminstanceprofile.html.

This should work:

  PortalLaunchTemplate:
    Type: 'AWS::EC2::LaunchTemplate'
    Properties:
      LaunchTemplateName: !Sub ${InstanceName}-launch-template
      LaunchTemplateData:
        ImageId: !Ref AmiId
        ...
        IamInstanceProfile:
          Arn: !GetAtt InstanceProfile.Arn

102

answered Oct 10 '22 21:10

Thomas

Related questions
                            
                                Setup Lambda function to run a CloudFormation stack
                            
                                How to allow only email as username alias with CloudFormation?
                            
                                How do I run my CDK app?
                            
                                Value of property SecurityGroupIds must be of type List of String error while updating stack
                            
                                In AWS CloudFormation is it possible to create a number of EC2 instances with the values from Mappings without AutoScaling group?
                            
                                How to configure a Serverless S3 bucket resource to use a CORS AllowOrigin set to the http endpoint of its function
                            
                                AWS ECR CF template fails with 'Invalid repository policy provided'
                            
                                CloudFormation to setup CodePipeline/CodeBuild to deploy SAM application
                            
                                AWS:elastic_ip Assign a name to an elastic ip using cloudformation
                            
                                AWS SAM template/cloudformation No integration defined for method (Service: AmazonApiGateway
                            
                                Create CloudFront distribution that accepts only signed URL’s with serverless
                            
                                How to use Fn::If with array values in cloud formation templates
                            
                                AWS Cloudformation Link API Key to API Gateway
                            
                                How to describe Security Groups for a VPC?
                            
                                Using Cloudformation to Create DynamoDB with composite primary key
                            
                                AWS SNS Topic Policy Cloudformation
                            
                                Listing more than 100 stacks using boto3
                            
                                Create Nested If else in AWS Cloud Formation Template
                            
                                CloudFormation creation of CloudFront distribution with logging bucket
                            
                                aws cloudformation use Fn::Join in a list

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!

Donate Us With