AWS CloudFormation YAML gotcha

科技动态 2018-07-06 阅读原文

I just got stuck on a CloudFormation gotcha for an hour. I was trying to add an access policy to an SQS queue to allow SNS to post messages to it, but it gave this error:

An error occurred: myQueue – Invalid value for the parameter Policy. (Service: AmazonSQS; Status Code: 400; Error Code: InvalidAttributeValue).

The CloudFormation YAML for that queue was:

Type: AWS::SQS::QueuePolicy
Properties:
  Queues:
    - Ref: myQueue
  PolicyDocument:
    Id: QueuePolicy
    Version: 2012-10-17
    Statement:
      - Sid: sendMessagesToQueue
        Effect: Allow
        Principal:
          AWS: "*"
        Action:
         - sqs:SendMessage
        Resource: "*"
        Condition:
          ArnEquals:
            aws:SourceArn:
              Ref: myTopic

The problem with this policy is that YAML automatically parses anything that looks like an ISO-formatted date
, so when Serverless
converted my YAML CloudFormation to JSON to be uploaded, that “2012-10-17” date was transformed to:

"Version": "2012-10-17T00:00:00.000Z"

Whoops! Adding quotes around the date in the Version field fixes this problem:

Version: "2012-10-17"

责编内容by:Nicholas Sherlock 【阅读原文】。感谢您的支持!

您可能感兴趣的

Extending AWS CloudFormation with AWS Lambda Power... Post Syndicated fromRandall Hunt original https://aws.amazon.com/blogs/aws/cloudformation-macros/ Today I’m really excited to show you a powerful...
Converting PowerShell Task in YAML YAML Builds have many advantages over traditional build definitions, especially because YAML build definitions follows branching of code , a kille...
私密信息管理利器 HashiCorp Vault——验证和授权... 到目前为止,我们都是使用 vault 客户端直接访问服务器,并未进行任何登录之类的操作。这是因为在开发模式下,服务器会自动将用户登录为 root 用户,目的是为了简化测试,避免在登录问题上卡住初学者。但在生产环境中这显然是非常不安全的。再重复一次, 绝对不要在生产环境中使用开发模式 。 ...
orbit – A cross-platform task runner for exe... Orbit A cross-platform task runner for executing commands and generating files from templates https://travis-ci.org/gulien/orbit https://god...
Reproducible Research: Write your Clinical Chemist... (This article was first published on The Lab-R-torian , and kindly contributed toR-bloggers) Abstract Background:This blog post is going to s...