Question
I have this problem when creating an S3 bucket using CloudFormation. I get a 400 Bad Request. I would appreciate it if anyone can help.
aws cloudformation deploy --profile DEV --stack-name testBucket --template-file create_bucket.yml --region us-east-1 --capabilities CAPABILITY_IAM CAPABILITY_NAMED_IAM --parameter-overrides BucketName=myBucket
Template:
AWSTemplateFormatVersion: 2010-09-09
Parameters:
  BucketName:
    Description: Provisioned read throughput for each table
    Type: String
Resources:
  MYBUCKET:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: ${BucketName}
  MYBUCKETPOLICY:
    Type: AWS::S3::BucketPolicy
    Properties:
      Bucket: !Ref MYBUCKET
      PolicyDocument:
        Id: ReportPolicy
        Version: "2012-10-17"
        Statement:
          - Sid: ReportBucketPolicyDoc
            Effect: Allow
            Action: "s3:*"
            Principal:
              AWS: !Join ['', ["arn:aws:iam::", !Ref "AWS::AccountId", ":root"]]
            Resource: !Join ['', ['arn:aws:s3:::', !Ref MYBUCKET, '/*']]
Error
Bad Request (Service: Amazon S3; Status Code: 400; Error Code: 400 Bad Request; Request ID: B4AEAA3C454B7868; S3 Extended Request ID: ATFscTA4dQw8J8AYUfkIARYhiT4/BpVWRcD172WnR75Uzm+i5dlHOTC2HCb9drkO16dzYiELJZc=)
Answer 1:
You should be using !Ref BucketName instead of ${BucketName}
  MYBUCKET:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: !Ref BucketName
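Added example (not part of the question or the answer): a standard-library Python pre-deploy check that finds `BucketName` values written as plain strings in a template and tests them against the S3 bucket naming rules, which the literal string `${BucketName}` does not satisfy. The function names and the sample template are constructed for illustration.

```python
import ipaddress
import re

# S3 naming rules: 3-63 chars of [a-z0-9.-], starting and ending alphanumeric.
_NAME_RE = re.compile(r"^[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]$")
# A BucketName property whose value is a plain scalar (no !Ref / !Sub tag).
_PROP_RE = re.compile(r"^\s*BucketName:\s*(?P<value>[^!\s].*?)\s*$")

def bucket_name_problems(name):
    """Return the S3 naming rules that `name` breaks (empty list = valid)."""
    problems = []
    if "${" in name:
        problems.append("unresolved ${...} placeholder")
    if not _NAME_RE.match(name):
        problems.append("not 3-63 chars of [a-z0-9.-] with alphanumeric ends")
    if ".." in name:
        problems.append("adjacent periods")
    try:
        ipaddress.IPv4Address(name)
    except ValueError:
        return problems
    return problems + ["formatted like an IPv4 address"]

def literal_bucket_names(template_text):
    """Return (line_no, value, problems) for each untagged BucketName value."""
    findings = []
    for line_no, line in enumerate(template_text.splitlines(), start=1):
        m = _PROP_RE.match(line)
        if m:
            value = m.group("value").strip("'\"")
            findings.append((line_no, value, bucket_name_problems(value)))
    return findings

# Constructed sample: the two variants of the resource shown on this page.
SAMPLE = """\
Resources:
  MYBUCKET:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: ${BucketName}
  FIXED:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: !Ref BucketName
"""

if __name__ == "__main__":
    for line_no, value, problems in literal_bucket_names(SAMPLE):
        print(f"line {line_no}: {value!r}: {'; '.join(problems)}")
```

Run against the value in the question's command, `bucket_name_problems("myBucket")` also reports a violation, because S3 bucket names must be lowercase.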
Source: https://stackoverflow.com/questions/54292997/s3-creation-cloudformation-results-in-400-bad-request