amazon-cloudformation

I have this S3 Bucket and Policy that I am deploying to CloudFormation. Resources: ReportsBucket: Type: AWS::S3::Bucket BucketPolicy: Type: AWS::S3::BucketPolicy Properties: Bucket: !Ref ReportsBucket PolicyDocument: Id: ReportPolicy Version: "2012-10-17" Statement: - Sid: ReportBucketPolicyDoc Effect: Allow Action: "s3:*" Principal: AWS: !Join ['', ["arn:aws:iam::", !Ref "AWS::AccountId", ":root"]] Resource: !Join ['', ['arn:aws:s3:::', !Ref S3Bucket, '/*']] It fails with, UPDATE_ROLLBACK_IN_PROGRESS AWS::CloudFormation::Stack {my stack name} The following resource(s) failed to create:

I have a template which creates an ELB and attaches an existing subnet within a VPC. This creates just fine but when I then update my stack and add a security group with a VpcId property with a value equal to the existing VPC ID in which my attached subnet belongs the stack fails with the following error: "You have specified two resources that belong to different networks" If I remove the VpcId property from my security group it creates it in my default VPC and the stack creation works. I cannot understand why this can be because the security group has a relationship to the ELB in the

I want to use Cloudformation to create an S3 bucket that will trigger Lambda function whenever an S3 event occurs such as file creation, file deletion, etc. From my research, I have my AWS::Lambda::Function and AWS::S3::Bucket setup, AWSTemplateFormatVersion: '2010-09-09' Resources: HandleFileCreation: Type: "AWS::Lambda::Function" Properties: ... LambdaExecutionRole: Type: AWS::IAM::Role Properties: ManagedPolicyArns: - arn:aws:iam::aws:policy/AmazonS3FullAccess - arn:aws:iam::aws:policy/AWSLambdaFullAccess AssumeRolePolicyDocument: ... ReportsBucket: Type: AWS::S3::Bucket BucketPolicy: Type:

Here is readme about serverless-plugin-nested-stacks plugin. It makes possible to include nested stacks into main one. But how to pass values between stacks? For example I create a resouce in one nested stack - how to path it arn to another stack (nested or main one)? First you will need to export the resources from the corresponding nested stack like this: AWSTemplateFormatVersion: '2010-09-09' Parameters: ... Resources: ... Outputs: o1: Description: ... Value: <your_resource_arn> Export: Name: <your_export_name> To import the resource in other stack, you will need to use the intrinsic

I have Lambda which was deployed to VPC. This deploymens has next configs: VPC (192.168.0.0/16) Public Subnet A (192.168.32.0/20) has NAT Gateway and Route 0.0.0.0/0 to Internet Gateway Private Subnet A (192.168.48.0/20) has Route 0.0.0.0/0 to NAT Gateway Private Subnet B (192.168.64.0/20) Lambda has own Securiy Group and references to "Private Subnet A" and "Private Subnet B" I have strange problem: time to time Lambda doesn't have Internet Access . 3rd party service works normal. One more strange thing that Lambda gets IP's like 127.0.0.1, 169.254.76.13, 169.254.79.1 instead of IP's from

I am trying to write a cloud-formation template for AWS ECS with blue green deployment support . This blue-green feature was added recently by AWS in ECS and couldn't find any reference for updating it in cloud-formation template. They have given documentation on, how to do it through UI but not through cloud-formation. I guess, AWS might not updated their cloud-formation documentation as it is a new feature. Any help to find the documentation would be appreciated. Thanking you in advance. Currently cloudformation does not support the DeploymentController parameter in which you can specify