Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Setting the capability for aws cloudformation template-validate

Tags:

amazon-web-services

amazon-cloudformation

I am trying to validate a Cloudformation template. The command I am issuing is:

▶ aws cloudformation validate-template --template-body file://template.json

The response I am getting, however, is:

"CapabilitiesReason": "The following resource(s) require capabilities:    [AWS::IAM::Role]",

I can't find any way to set the capability unfortunately.

How do you set the capability?

like image 511
Alex Harvey Avatar asked Jul 20 '16 06:07

Alex Harvey

People also ask

How do I validate aws CloudFormation template?

If it isn't, CloudFormation checks if the template is valid YAML. If both checks fail, CloudFormation returns a template validation error. You can validate templates locally by using the --template-body parameter, or remotely with the --template-url parameter.

When working with aws CloudFormation templates What is the maximum?

AWS CloudFormation now supports increased limits on the default number of stacks allowed per AWS account. The number of stacks that can be created in an account is now 2000 (previously 200). CloudFormation allows you to model, provision and manage cloud resources in a safe, predictable, and scalable manner.

How is cloud formation tested?

Go to CloudWatch Events and update rules for automatically started the pipeline. Scale out testing by providing custom testing scripts or altering the existing ones. Test a different CloudFormation template by uploading it to the source S3 bucket created and configuring the pipeline accordingly.

1 Answers

The Capabilities and CapabilitiesReason outputs from validate-template are not errors. They are normal outputs listing resources requiring capabilities that will need to be specified (via --capabilities) when running create-stack or update-stack in the future.

You can confirm that a validation succeeded without errors by checking that the return code is 0 indicating the command completed successfully.

The documentation for the validate-template outputs is as follows:

Capabilities -> (list)

The capabilities found within the template. If your template contains IAM resources, you must specify the CAPABILITY_IAM or CAPABILITY_NAMED_IAM value for this parameter when you use the create-stack or update-stack actions with your template; otherwise, those actions return an InsufficientCapabilities error. For more information, see Acknowledging IAM Resources in AWS CloudFormation Templates.

CapabilitiesReason -> (string)

The list of resources that generated the values in the Capabilities response element.

like image 92
wjordan Avatar answered Sep 27 '22 16:09

wjordan

Sign in to Comment

Related questions

AWS RDS PostgreSQL error "remaining connection slots are reserved for non-replication superuser connections"
AWS DynamoDB Requested resource not found
How to peek at messages in the queue
How do I get data storage used on my AWS RDS?
How to move files from amazon ec2 to s3 bucket using command line
How AWS Cognito User Pool defends against bruteforce attacks
Enable Lambda function to an S3 bucket using cloudformation
Amazon S3 files access policy based on IP Address
How to search an Amazon S3 Bucket using Wildcards?
How can I access S3/S3n from a local Hadoop 2.6 installation?
How to redirect HTTP to HTTPS using S3, Cloudfront, and Route 53 using naked domains?
I need an Amazon S3 user with full access to a single bucket
Unable to delete cfn stack, role is invalid or cannot be assumed
Is there a way to have index.html functionality with content hosted on S3?
AWS Cognito username/email login is case-sensitive
Downloading the latest file in an S3 bucket using AWS CLI? [duplicate]
boto3 equivalent to boto.utils.get_instance_metadata()?
AWS Lambda NoClassDefFoundError
Can I test AWS Glue code locally?
AWS Lambda Error: Unzipped size must be smaller than 262144000 bytes

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!