设置 aws cloudformation 模板验证的能力
Setting the capability for aws cloudformation template-validate
我正在尝试验证 Cloudformation 模板。我发出的命令是:
▶ aws cloudformation validate-template --template-body file://template.json
然而,我得到的回复是:
"CapabilitiesReason": "The following resource(s) require capabilities:
[AWS::IAM::Role]",
不幸的是,我找不到任何方法来设置该功能。
如何设置能力?
将来 validate-template are not errors. They are normal outputs listing resources requiring capabilities that will need to be specified (via --capabilities) when running create-stack or update-stack 的 Capabilities 和 CapabilitiesReason 输出。
您可以通过检查 return code 是 0 表示命令成功完成来确认验证成功且没有错误。
validate-template 输出的文档如下:
Capabilities -> (list)
The capabilities found within the template. If your template contains IAM resources, you must specify the CAPABILITY_IAM or CAPABILITY_NAMED_IAM value for this parameter when you use the create-stack or update-stack actions with your template; otherwise, those actions return an InsufficientCapabilities error.
For more information, see Acknowledging IAM Resources in AWS CloudFormation Templates.
CapabilitiesReason -> (string)
The list of resources that generated the values in the Capabilities response element.
我正在尝试验证 Cloudformation 模板。我发出的命令是:
▶ aws cloudformation validate-template --template-body file://template.json
然而,我得到的回复是:
"CapabilitiesReason": "The following resource(s) require capabilities:
[AWS::IAM::Role]",
不幸的是,我找不到任何方法来设置该功能。
如何设置能力?
将来 validate-template are not errors. They are normal outputs listing resources requiring capabilities that will need to be specified (via --capabilities) when running create-stack or update-stack 的 Capabilities 和 CapabilitiesReason 输出。
您可以通过检查 return code 是 0 表示命令成功完成来确认验证成功且没有错误。
validate-template 输出的文档如下:
Capabilities -> (list)
The capabilities found within the template. If your template contains IAM resources, you must specify the
CAPABILITY_IAMorCAPABILITY_NAMED_IAMvalue for this parameter when you use thecreate-stackorupdate-stackactions with your template; otherwise, those actions return anInsufficientCapabilitieserror. For more information, see Acknowledging IAM Resources in AWS CloudFormation Templates.CapabilitiesReason -> (string)
The list of resources that generated the values in the Capabilities response element.