8,391 questions
0 votes, 1 answer, 33 views
AWS-Cloudformation: Ipv6 EC2 Route in a Private Nat Subnet - Provide one of DestinationCidrBlock or DestinationIpv6CidrBlock and a valid routeTableId
I am currently creating a network infrastructure within my vpc, that has private subnets and has a NAT gateway. I have a Route Table that has the private subnets associated to it and I intend to have ...
1 vote, 2 answers, 129 views
AWS CloudFormation deploy template stored in an S3 bucket [closed]
Trying to deploy a CloudFormation template that is stored in an S3 bucket as the template size is larger than 51kb so can't be done directly (from what I am led to believe and have seen when trying)
...
0 votes, 0 answers, 59 views
AWS CDK use api gateway in a nested stack
I have this api gateway in my main stack:
api_gateway = _api_gw.LambdaRestApi(
self,
f"{construct_id}-gw-api",
handler=lambda_hello,
rest_api_name=f"gw-api{env_ext}"...
0 votes, 1 answer, 35 views
I am unable to delete the empty bucket created by a CloudFormation template
I am trying to create a secure static website using this AWS guide, it uses a template for CloudFormation. I have used it successfully to create my website myweb.com and it works flawlessly.
The ...
0 votes, 1 answer, 98 views
Changing DynamoDB from Provisioned to On Demand via CDK process?
I'm trying to change my DynamoDB table from Provisioned to On Demand via CDK.
The commented out code is what my table was provisioned with before, for autoscaling.
table = new TableV2(this, props....
0 votes, 0 answers, 69 views
Cloudformation/CDK Resource Policy creation missing Condition statement
Objective: Create a lambda_layer_version permission policy so that lambda functions from remote AWS accounts in the same AWS Organization can access the lambda_layer.
Problem: The Lambda_layer_version ...
0 votes, 1 answer, 207 views
ECS Task in private subnet is not able to pull image from ECR, using AWS PrivateLink
I am using AWS Cloudformation to build the infrastructure, I have a vpc that has a private subnet and 2 public subnets, the private subnet has the ecs service with ecs cluster and ecs task, the alb ...
1 vote, 1 answer, 53 views
StepFunction assume role unable to execute the StepFunction
I have a StepFunction that has a map state, that just has a lambda in it that executes through the entries of a JSON in an S3.
However, when the execution gets to this state I get the following error
...
0 votes, 0 answers, 33 views
How to have two different cfn-exec-roles to be used in two CloudFormation stacks?
While bootstrapping the environment for CloudFormation, we create a role with this format
cdk-hnb659fds-cfn-exec-role-[ACCOUNT]-[REGION]
This role is assumed by CloudFormation to create, delete and ...
0 votes, 0 answers, 30 views
AWS Aspire resource lifetime
I am trying to use Aspire with AWS. I can successfully create an SQS queue and configure it, but when I am finished debugging I want the AWS resources to close down. If I can't do this I am going to ...
0 votes, 0 answers, 22 views
sam watch with Separate Lambda Layer and Function Stacks -- how to use newest layers in lambdas during development
I'm looking for the recommended local development workflow for a project that uses multiple, independent AWS SAM applications within a single monorepo.
Setup:
Layers Stack: one SAM application ...
0 votes, 0 answers, 46 views
CloudFormation Fails with "Internal Failure" When Creating MongoDB Atlas Cluster
I'm trying to create a MongoDB Atlas cluster using a CloudFormation template, including VPC peering and network container setup. Organisation API keys are stored in Secrets manager. However, the stack ...
0 votes, 1 answer, 63 views
Using PreSignUp Lambda with Cognito suddenly fails to verify email
Repro steps:
1. Verification emails work as handled by Cognito thanks to the IaC setting for UserPool
(this one:
AutoVerifiedAttributes:
- email
)
2. add a Lambda function trigger to the userpool
(e.g ...
1 vote, 2 answers, 93 views
Building and deploying multiple Go lambdas via images in AWS with differing Go packages from one Dockerfile
I'm trying to build and deploy multiple Go based lambdas using 1 Dockerfile (as the instructions don't differ between lambdas) using different go packages for each lambda.
My file structure is as ...
0 votes, 1 answer, 78 views
AWS SDK for Rust not getting region from specified profile
I have various AWS regions configured, and they each have a default region specified. Thus with AWS CLI I can do this to list CloudFormation exports for the default profile:
aws cloudformation list-...
0 votes, 0 answers, 44 views
Problems with my WebApp deployment and ACM certificates
I'm trying to deploy my WebApp pipeline using CDK (https://docs.aws.amazon.com/cdk/v2/guide/home.html) with credentials set up in ~/.aws/credentials and ~/.aws/config.
I created a certificate in AWS ...
0 votes, 0 answers, 90 views
AWS SAM - How do I conditionally set CodeUri property for a Lambda function?
I'm working on an AWS Sam Application (repo here) where I want to conditionally set CodeUri to use an S3 bucket 'hot-reload' for running locally on Localstack.
SpringBootLambdaFunction:
Type: AWS:...
1 vote, 1 answer, 340 views
Provisioning IAM Policy for a Bedrock Console User, Need Advice
I'm currently working on setting up IAM roles for different Bedrock use cases, and this one is intended to provide full console access for a Bedrock console user (with both wildcard and specific ...
1 vote, 0 answers, 63 views
GitHub Actions for SAM Deployment of Lambda Functions '.deps.json' file Error
Even with the sample from the AWS toolkit, each time I use GitHub Actions to build and publish a lambda function I am getting the error
Error: .NET binaries for Lambda function are not correctly ...
0 votes, 1 answer, 125 views
How to define OpenSearch pipeline in AWS CDK (via Amplify) without triggering full CloudFormation deployment?
I'm working on an AWS Amplify project, and trying to integrate an OpenSearch Ingestion pipeline (AWS::OSIS::Pipeline) using CDK (within the Amplify backend). The issue I'm running into is that ...
1 vote, 1 answer, 238 views
Is Cognito explicit auth flow `ALLOW_USER_SRP_AUTH` included in `ALLOW_USER_AUTH`?
In the Cognito CloudFormation resource AWS::Cognito::UserPoolClient documentation for ExplicitAuthFlows it says:
ALLOW_USER_AUTH: Enable selection-based sign-in with USER_AUTH. This setting covers ...
0 votes, 1 answer, 80 views
AWS Toolkit Prerequisites not accepted in Visual Studio
Thank you all in advance. I have an AWS account with a Visual Studio app that I haven't touched in a while, and I'm finally getting back around to working on it after updating Windows to Windows 10 ...
0 votes, 1 answer, 71 views
SAM template authorizer error: authorizerUri/Fn::Sub/1/__FunctionArn__] 'null' values are not allowed in templates
Trying to create an API Gateway with lambda and attach the authorizer to it. The api and lambda creation works perfectly, but when I add the authorizer section, I get the following error:
Error: ...
2 votes, 0 answers, 109 views
AWS Lambda backed custom resource always returns success to cloud formation
I use the following code. However, CloudFormation always receives a SUCCESS event from the custom resource even when the send function is called with status FAILED
import { SecretsManagerClient, ...
0 votes, 0 answers, 36 views
Elastic Beanstalk fails to create an Auto Scaling Group
I get the following error when I try to deploy a 'High Availability' EBS environment
Creating Auto Scaling group named: awseb-e-uyrzzcumbu-stack-AWSEBAutoScalingGroup-H6IXr3kSXJO8 failed. Reason: ...
0 votes, 1 answer, 83 views
Properties validation failed for resource EC2Server with message: [#: extraneous key [MetadataOptions] is not permitted]
This is my simple cloudformation template to create EC2 with instancemetadatatags option enabled while launching.
"AWSTemplateFormatVersion": "2010-09-09",
"Parameters"...
0 votes, 1 answer, 150 views
AWS Athena is not processing any data from glue table if partition projection is enabled
I have a glue table that is fed by partitioned data in s3. The issue at hand is in Athena that if the partition projection is turned off, and I run MSCK REPAIR TABLE <my table>; and SELECT * ...
0 votes, 0 answers, 24 views
aws lex bot with lambda function to handle intent
service: claude-lex-bedrock-bot
provider:
name: aws
runtime: nodejs22.x
region: eu-west-2
environment:
KNOWLEDGE_BASE_ID: ${env:KNOWLEDGE_BASE_ID, 'M86AHPZ6CL'}
iam:
role:
...
0 votes, 1 answer, 86 views
aws lex bot through cloud formation and lambda
My use case is to create a bot using the YAML file. When a user asks questions related to my knowledge base, I need the bot to provide answers. I tried using the QnA intent in the AWS console, but it’...
0 votes, 0 answers, 34 views
aws lex bot and lambda function through cloudformation template
service: claude-lex-qa-bot-nodejs
provider:
name: aws
runtime: nodejs18.x
region: eu-west-2
environment:
KNOWLEDGE_BASE_ID: 7098R9J1111
iamRoleStatements:
- Effect: Allow
Action:
- bedrock:InvokeModel
...
0 votes, 3 answers, 84 views
aws QnA intent cloudformation template not working
I want to create a lex bot with serverless.yaml and I want to use the aws bedrocks builtin intent qnaintent. I am able to create the bot with intents from the serverless.yaml but I am unable to add ...
0 votes, 0 answers, 59 views
Using CloudFormation ForEach to create list of indefinite size
I want a CloudFormation template to be able to create a list of repositories in a role's Trust relationship, to look like this:
Effect": "Allow",
"Principal": { "...
0 votes, 0 answers, 39 views
AWS CDK Codepipeline deploy certain Stacks within cdk Stage
I have an existing aws account with infrastructure that has already been deployed via CDK with a codepipeline. The codepipeline is specifying which stacks to deploy via the addStage function of ...
2 votes, 2 answers, 129 views
AWS SAM: Calling a Lambda Function from an API Gateway asynchronously
In my current project I want to call a long running Lambda function from an API Gateway asynchronously. All resources are defined in a SAM template.
I tried to follow the instructions in
https://docs....
0 votes, 0 answers, 128 views
Is CDK's auto-generated AssumeRolePolicy sufficient, or should I specify a condition for specific ARN(s)?
I've been working with CDK for a bit, and haven't had any reason to modify any of the default roles/policies that are auto-generated when I create resources like lambdas or step functions. However, I ...
0 votes, 0 answers, 47 views
AWS PCS cluster creation failed with cloud formation
I'm creating a complete HPC architecture on AWS using service AWS PCS.
In my cloud formation template literally all resource creation is successful but AWS PCS.
Cluster:
Type: AWS::PCS::Cluster
...
0 votes, 2 answers, 40 views
CloudFormation : How to parse multiple keys from secretmanager to container task definition?
I want to define multiple AWS Batch jobs that all use the same environment variables defined in Secrets Manager.
I understand CloudFormation does not support YAML anchors and aliases. Is there a way ...
0 votes, 0 answers, 20 views
Step function CFT error, Getting error "variable SubnetsParameter in Fn::Sub expression doesn't resolve to string"
Below is my statemachine resource template.
Failing with template failed variable SubnetsParameter in Fn::Sub expression doesn't resolve to string.
Any help would be appreciated.
DefinitionString: !...
0 votes, 2 answers, 146 views
Use !ImportValue together with !Sub in a yaml template
I have a CF template where I export a value like this:
Outputs:
LambdaLogGroup:
Value: !Ref LambdaLogGroup
Export:
Name: !Sub "LambdaLogGroup-${EnvironmentName}${EnvironmentId}"
...
0 votes, 0 answers, 20 views
Calling a separate cloudformation template in a template
I am very new to all this, but I will try my best to be clear.
Example:
I have 3 different cloudformation templates. These templates are all different as a whole, but they are identical in parts of ...
0 votes, 0 answers, 11 views
Why do CloudFormation stack dependencies report UPDATE_COMPLETE in reverse order?
I have multiple CloudFormation stacks with serial dependencies (Stack A2 depends on Stack A1, etc.).
I've noticed a pattern during stack updates where CloudFormation appears to report the ...
0 votes, 0 answers, 78 views
Using ForEach Loop Within CloudFormation Resource to Create List of Objects
I'm trying to dynamically create a Glue crawler in CloudFormation with the sources based on a list of S3 paths that are passed into me. I've tried dozens of different ways, but I can't seem to get it ...
0 votes, 1 answer, 77 views
Does AWS CloudFormation provide a one-level map?
I'm aware of Fn::FindInMap, which provides a two-level map. Consider this example from a Mappings section:
ShortNames:
us-east-1:
'753': us
'426': us
eu-west-1: ...
0 votes, 1 answer, 192 views
Local dev quick iteration for serverless lambda using CDK and SAM
Could someone please help out on how they are approaching local dev with CDK and SAM? I'm trying to assist our devs to improve the local development experience and iteration of Lambda code.
Previously ...
1 vote, 2 answers, 55 views
Is there a way to specify what module version to use in the Cloudformation template?
If a module is registered in CloudFormation with a default version, is there a way to specify a different version in the CF YAML file? For instance, if the default version is '000002' but I want to ...
0 votes, 0 answers, 32 views
AWS Instance scheduler remote cloud formation template deployment
I had deployed instance scheduler service to aws my hub account and remote template to aws spoke accounts nearly a year ago. The template versions were v1.5.4.
Now, I want to deploy another remote ...
0 votes, 1 answer, 67 views
Enable "Include sub domains" in an AWS CloudWatch RUM monitor using CDK?
CloudWatch RUM in the AWS UI console has a field for "Application domain" and a separate checkbox for "Include sub domains".
However, there is no corresponding boolean field in ...
0 votes, 0 answers, 45 views
Updating CloudFormation modules
I have been able to initialize and register a module using the Cloudformation CLI tool.
>> cfn init
Initializing new project
Do you want to develop a new resource(r) or a module(m)?.
>> m
...
1 vote, 0 answers, 197 views
AWS Cloudformation : Fn::ForEach on empty CommaDelimitedList
I need to create AWS Cloudfront distributions in a ForEach loop based on the strings coming in a parameter named UnauthDomains of type CommaDelimitedList. So 5 comma separated strings in the list and ...
-1 votes, 1 answer, 29 views
AWS CloudFormation User Creation and UserPolicy
Could I get some assistance in building what should be an easy policy? There are no issues creating roles, policies and attaching those. However, for AWS Users seems like there is a different ...