aws / aws-cli

Universal Command Line Interface for Amazon Web Services
Other
15.54k stars 4.13k forks source link

Create SSM Document of type CloudFormation fails #8253

Closed takesson closed 4 months ago

takesson commented 1 year ago

Describe the bug

This command should create an SSM Document according to the below documentation: aws ssm create-document --name "cfn-codebuild-bogus-application-5.2" --document-type "CloudFormation" --document-format YAML --content file://cfn-codebuild-bogus-application.yml --region eu-west-1

https://docs.aws.amazon.com/systems-manager/latest/userguide/application-manager-working-templates-overview.html#application-manager-working-stacks-creating-template

Expected Behavior

Create an SSM Document containing the CloudFormation template.

Pasting exactly the same template into the Console works, but that has to be the Application Manager template library (seems unsupported in SSM Documents).

Current Behavior

An error occurred (InvalidDocumentContent) when calling the CreateDocument operation: [message: "object has missing required properties ([\"schemaVersion\",\"templateBody\"])" - parent node: /]

Reproduction Steps

Get the sample YAML template from here: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-formats.html

aws ssm create-document --name "cfn-codebuild-bogus-application-5.2" --document-type "CloudFormation" --document-format YAML --content file://cfn-codebuild-bogus-application.yml --region eu-west-1

Possible Solution

No response

Additional Information/Context

No response

CLI version used

2.13.27

Environment details (OS name and version, etc.)

macOS Python/3.11.6 Darwin/21.6.0

takesson commented 1 year ago

Same error when updating a document which already exists (created manually in Console).

aws ssm update-document --name "cfn-codebuild-bogus-application-5.2" --document-version "\$LATEST" --content file://cfn-codebuild-bogus-application.yml --region eu-west-1

aBurmeseDev commented 1 year ago

Hi @takesson - thanks for reaching out.

According to the error, it sounds like the document content yaml is missing some of the required properties schemaVersion templateBody and the error is being thrown from service side rather than CLI. If you could share the yaml file for verification, I could reach out to service team on your behalf to verify. Please make sure any sensitive info are redacted.

Here's documentation on writing SSM document content and creating an SSM document for reference.

Also note that you'll need to install and configure the AWS CLI or the AWS Tools for PowerShell in order to run create SSM document with command line.

Hope that helps!

github-actions[bot] commented 1 year ago

Greetings! It looks like this issue hasn’t been active in longer than five days. We encourage you to check if this is still an issue in the latest release. In the absence of more information, we will be closing this issue soon. If you find that this is still a problem, please feel free to provide a comment or upvote with a reaction on the initial post to prevent automatic closure. If the issue is already closed, please feel free to open a new one.

takesson commented 1 year ago

Thanks for looking into the issue. I have done some more investigation.

Most of the SSM document types are entirely new formats (Command, Automation, Session, ...) but Cloudformation had its template format since way back and there is tooling support for that format (cfn-lint, VS Code, other IDEs, ...). The Cfn templates must consequently be authored and SCM-versioned in Cfn format, not wrapped into an SSM document.

The problem here is that I was not aware that the Cfn template had to be wrapped into an SSM document. The person writing the AWS documentation did not document that important step or did actually expect the CLI / service to take care of the wrapping. It would be helpful to avoid every builder having to develop the script to wrap Cfn template into SSM document themselves.

Suggestions:

I used this sample Cfn template when testing (from one of the above documentation links):

AWSTemplateFormatVersion: "2010-09-09"
Description: A sample template
Resources:
  MyEC2Instance: #An inline comment
    Type: "AWS::EC2::Instance"
    Properties: 
      ImageId: "ami-0ff8a91507f77f867" #Another comment -- This is a Linux AMI
      InstanceType: t2.micro
      KeyName: testkey
      BlockDeviceMappings:
        -
          DeviceName: /dev/sdm
          Ebs:
            VolumeType: io1
            Iops: 200
            DeleteOnTermination: false
            VolumeSize: 20
aBurmeseDev commented 4 months ago

Apologies for the delay response and thanks for the suggestions. As you said, it's because template had to be wrapped into an SSM document which needs clear documentation on service API docs. I've reached out to SSM team to submit a request on the docs update. On your other suggestion for AWS CLI, it won't be considered at this time unfortunately. Thanks again for your patience.

github-actions[bot] commented 4 months ago

This issue is now closed. Comments on closed issues are hard for our team to see. If you need more assistance, please open a new issue that references this one.