Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Setting the capability for aws cloudformation template-validate

I am trying to validate a Cloudformation template. The command I am issuing is:

▶ aws cloudformation validate-template --template-body file://template.json 

The response I am getting, however, is:

"CapabilitiesReason": "The following resource(s) require capabilities:    [AWS::IAM::Role]",  

I can't find any way to set the capability unfortunately.

How do you set the capability?

like image 511
Alex Harvey Avatar asked Jul 20 '16 06:07

Alex Harvey


People also ask

How do I validate aws CloudFormation template?

If it isn't, CloudFormation checks if the template is valid YAML. If both checks fail, CloudFormation returns a template validation error. You can validate templates locally by using the --template-body parameter, or remotely with the --template-url parameter.

When working with aws CloudFormation templates What is the maximum?

AWS CloudFormation now supports increased limits on the default number of stacks allowed per AWS account. The number of stacks that can be created in an account is now 2000 (previously 200). CloudFormation allows you to model, provision and manage cloud resources in a safe, predictable, and scalable manner.

How is cloud formation tested?

Go to CloudWatch Events and update rules for automatically started the pipeline. Scale out testing by providing custom testing scripts or altering the existing ones. Test a different CloudFormation template by uploading it to the source S3 bucket created and configuring the pipeline accordingly.


1 Answers

The Capabilities and CapabilitiesReason outputs from validate-template are not errors. They are normal outputs listing resources requiring capabilities that will need to be specified (via --capabilities) when running create-stack or update-stack in the future.

You can confirm that a validation succeeded without errors by checking that the return code is 0 indicating the command completed successfully.

The documentation for the validate-template outputs is as follows:

Capabilities -> (list)

The capabilities found within the template. If your template contains IAM resources, you must specify the CAPABILITY_IAM or CAPABILITY_NAMED_IAM value for this parameter when you use the create-stack or update-stack actions with your template; otherwise, those actions return an InsufficientCapabilities error. For more information, see Acknowledging IAM Resources in AWS CloudFormation Templates.

CapabilitiesReason -> (string)

The list of resources that generated the values in the Capabilities response element.

like image 92
wjordan Avatar answered Sep 27 '22 16:09

wjordan