search

aws-cloudformation / cfn-lint

CloudFormation Linter
MIT No Attribution
2.4k stars 576 forks source link

E1011 error on Fn::FindInMap #3416

Closed isuftin closed 6 days ago

isuftin commented 6 days ago

CloudFormation Lint Version

1.3.6

What operating system are you using?

MacOS, Alpine Linux

Describe the bug

cfn-lint on FindInMap returns E1011 'EnvironmentMapping' is not one of []

Expected behavior

No error

Reproduction template

{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "EBS Volume",
  "Resources": {
    "EBS": {
      "Type": "AWS::EC2::Volume",
      "Properties": {
        "AutoEnableIO": false,
        "AvailabilityZone": { "Ref": "AvailabilityZone" },
        "Encrypted": true,
        "KmsKeyId": { "Fn::FindInMap": ["EnvironmentMapping", "kms", "key"] },
        "VolumeType": "st1",
        "Size": 512
      },
      "DeletionPolicy": "Snapshot",
      "UpdateReplacePolicy" : "Retain"
    }
  },
  "Mappings": {
    "EnvironmentMapping": {
      "Fn::Transform": {
        "Name": "AWS::Include",
        "Parameters": {
          "Location": {
            "Fn::Sub": "s3://my-bucket/snippets/${Environment}.json"
          }
        }
      }
    }
  },
  "Outputs": {
    "EBSID": {
      "Description": "Physical ID of EBS Volume",
      "Value": { "Ref": "EBS" }
    }
  },
  "Parameters": {
    "AvailabilityZone": {
      "Description": "Availability Zone for EBS volume",
      "Type": "String",
      "AllowedValues": ["us-west-2a", "us-west-2b", "us-west-2c"],
      "Default": "us-west-2a"
    },
    "Environment": {
      "Description": "Defines the environment that this stack lives in",
      "Type": "String",
      "AllowedValues": [
        "development",
        "test",
        "qa",
        "prod-internal",
        "management"
      ],
      "Default": "test"
    }
  }
}
kddejong commented 6 days ago

I'll take a look into it. By quick a look the Fn::Transform is messing with the logic. We don't fully support Fn::Transform. Clearing up this issue may result in another error so need to think if we can handle a transform here.

isuftin commented 6 days ago

@kddejong - Note that this was working in 1.3.4 so it looks like a regression happened >=1.3.5

kddejong commented 6 days ago

I'm going to add some logic to handle Fn::Transform inside mappings. This will prevent the resolvers from failing and throwing the error you are seeing.

kddejong commented 6 days ago

v0 version of these errors for reference. This should allow us to do a lot better than we were doing in v0. We can now reasonably handle Fn::Transforms inside of Mappings.

W1011 FindInMap first key "kms" doesn't exist in map "EnvironmentMapping" at Resources/EBS/Properties/KmsKeyId/Fn::FindInMap
local/issue/3416.json:11:65

E7001 Mapping EnvironmentMapping has invalid property at Parameters
local/issue/3416.json:23:11