search

aws-cloudformation / cfn-lint

CloudFormation Linter
MIT No Attribution
2.46k stars 596 forks source link

`E3036` False-positive for `UpdateReplacePolicy: Snapshot` #3845

Open r-heimann opened 2 days ago

r-heimann commented 2 days ago

CloudFormation Lint Version

cfn-lint 1.20.1

What operating system are you using?

Windows 11

Describe the bug

cfn-lint gives the following error:

[cfn-lint] E3036: 'Snapshot' is not one of ['Delete', 'Retain']
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html

Allowed Values:

Delete
Retain
Snapshot
Source: base.schema.json

For some reason it doesn't recognize Snapshot.

Expected behavior

cfn-lint finds Snapshot.

Reproduction template

Resources:
   myInstance:
     UpdateReplacePolicy: Snapshot
     Type: AWS::EC2::Instance
     Properties:
        ImageId: ami-0a70b9d193ae8a799
        InstanceType: t2.micro
        KeyName: my-key-pair
        SecurityGroupIds:
          - sg-12a4c434
        UserData:
          Fn::Base64: |
             #!/bin/bash
             yum update -y
             service httpd start
             chkconfig httpd on
kddejong commented 1 day ago

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-updatereplacepolicy.html#aws-attribute-updatereplacepolicy-options

Does Snapshot work here? According to the documentation it isn't supported here. Is it snapshotting the volumes?

kddejong commented 1 day ago

I guess then note may apply here. If you specify the Snapshot option in the UpdateReplacePolicy for a resource that doesn't support snapshots, CloudFormation reverts to the default option, which is Delete.