Closed dansepp-gale closed 1 week ago
I am running into the same error with different resource. The sample template is straight from cloudformation reference documentation. The error started to appear after update to v1.3.2
E3012 'SFTP' is not of type 'object'
AWSTemplateFormatVersion: '2010-09-09'
Description: creates SFTP Server
Resources:
MyTransferServer:
Type : AWS::Transfer::Server
Properties :
EndpointDetails:
AddressAllocationIds:
- AddressAllocationId-1
- AddressAllocationId-2
SubnetIds:
- SubnetId-1
- SubnetId-2
VpcId: VpcId
EndpointType: VPC
LoggingRole: Logging-Role-ARN
Protocols:
- SFTP
SecurityPolicyName: Security-Policy-Name
IdentityProviderDetails:
InvocationRole: Invocation-Role-ARN
Url: API_GATEWAY-Invocation-URL
IdentityProviderType: API_GATEWAY
Tags:
- Key: KeyName
Value: ValueName
I'm seeing it too on AWS::Transfer::Server as @dishikang123 saw and on AWS::Transfer::User SshPublicKeys using !Ref
Looks like in the switch to the schemas from the specs the schemas are a little off.
"S3Encryptions": {
"$ref": "#/definitions/S3Encryptions"
}
....
"S3Encryptions": {
"additionalProperties": false,
"type": "object"
}
We can patch the schema appropriately. PR incoming.
Looks like there about 21 occurrences of which isn't great for json schema based validation. Going to see what I can do to get them patched. I can prioritize and release as needed so if you have any other additional resources you are seeing this one send them over.
{
"additionalProperties": false,
"type": "object"
}
Thanks @kddejong. I'm not seeing this occurring with any other CFN type in my repos.
CloudFormation Lint Version
cfn-lint 1.3.2
What operating system are you using?
Windows
Describe the bug
The following CloudFormation resource of type
AWS::Glue::SecurityConfiguration
appears to match the CloudFormation specification for EncryptionConfiguration and S3Encryptions, and was passing cfn-lint checks prior to an upgrade to v1, but now fails:Error:
E3012 [{'KmsKeyArn': {'Fn::GetAtt': ['EncryptionKey', 'Arn']}, 'S3EncryptionMode': 'SSE-KMS'}] is not of type 'object'
Expected behavior
cfn-lint
should pass with no errors or warnings.Reproduction template