Closed mgilroy closed 9 years ago
cartwrightian
commented
9 years ago I am testing now with the latest SDK from amazon which is aws-java-sdk-1.9.14. The tool does not invoke the CLI so unless the field is mandatory in the API this should not have broken things? Were you seeing an issue? Thanks!
mgilroy
commented
9 years ago Hi Ian,
Yes, we couldn't create new aws instances. The AWS api has changed as far as I can see to require the CAPABILITY_IAM to be set.
Ironically, our last commit was on the 18th just before the changes were made. Came back from Christmas and couldn't push to our environments. Thought we had all had too much fun during the holidays,
Mike
On 12 January 2015 at 11:13, Ian Cartwright notifications@github.com wrote:
I am testing now with the latest SDK from amazon which is aws-java-sdk-1.9.14. The tool does not invoke the CLI so unless the field is mandatory in the API this should not have broken things? Were you seeing an issue? Thanks!
— Reply to this email directly or view it on GitHub https://github.com/cartwrightian/cfnassist/pull/7#issuecomment-69555990.
Michael Gilroy Chief Engineer
Silent Herdsman Limited Unit 9000 | Academy Park | 51 Gower Street | Glasgow | G51 1PR Tel: +44 (0)141 255 2930 | Mob: +44 (0)7533 971758 Email: mgilroy@silentherdsman.com | Web: www.silentherdsman.com
Silent Herdsman Limited is a limited company registered in Scotland. Company Registration No: SC333487 Registered Offices: Unit 9000, Academy Park, 51 Gower Street, Glasgow, G51 1PR, Scotland This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission.
cartwrightian
commented
9 years ago Yep, poor communication on their part :-(
https://forums.aws.amazon.com/thread.jspa?messageID=591290
Can you provide an example of template (or part of) that demonstrates this error, I am not able to reproduce the error at the moment.
I need to check adding this to the call does not impact templates that don't use capabilities - if it does I'll have to add it as a cli parameter for detect the present of the capabilities in the templates. btw - I just pushed a version with the latest aws api.
mgilroy
commented
9 years ago Hi Ian,
I think it is this section of our json file that causes the problem:
"webServerInstanceProfile" : { "Type" : "AWS::IAM::InstanceProfile", "Properties": { "Path": "/", "Roles": [ "Webserver" ] } }, Afraid I don't have a sanitized version of the json at the moment. I suspect that it ultimately will need to be a cli parameter. We took the quickest solution once we found the problem on Friday to fix our immediate need.
Cheers,
Mike
On 12 January 2015 at 14:38, Ian Cartwright notifications@github.com wrote:
Yep, poor communication on their part :-(
https://forums.aws.amazon.com/thread.jspa?messageID=591290
Can you provide an example of template (or part of) that demonstrates this error, I am not able to reproduce the error at the moment.
I need to check adding this to the call does not impact templates that don't use capabilities - if it does I'll have to add it as a cli parameter for detect the present of the capabilities in the templates. btw - I just pushed a version with the latest aws api.
— Reply to this email directly or view it on GitHub https://github.com/cartwrightian/cfnassist/pull/7#issuecomment-69578395.
Michael Gilroy Chief Engineer
Silent Herdsman Limited Unit 9000 | Academy Park | 51 Gower Street | Glasgow | G51 1PR Tel: +44 (0)141 255 2930 | Mob: +44 (0)7533 971758 Email: mgilroy@silentherdsman.com | Web: www.silentherdsman.com
Silent Herdsman Limited is a limited company registered in Scotland. Company Registration No: SC333487 Registered Offices: Unit 9000, Academy Park, 51 Gower Street, Glasgow, G51 1PR, Scotland This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission.
cartwrightian
commented
9 years ago Thanks, that has let me create a new integration test to reproduce the issue. Will now work on a fix for this.
(and will raise a ticket with Amazon because their docs says my stack templates ought to have seen the same problem but they don't.......)
cartwrightian
commented
9 years ago Should be fixed in 1.0.85, new CLI and ant options, check out point 5 on the readme. I've created an integration test so should get quicker feedback if this happens again.
Let me know if this works for you.
mgilroy
commented
9 years ago Hi Ian,
Yes everything looks like it is working fine now.
cheers,
Mike
On 12 January 2015 at 21:27, Ian Cartwright notifications@github.com wrote:
Should be fixed in 1.0.85, new CLI and ant options, check out point 5 on the readme. I've created an integration test so should get quicker feedback if this happens again.
Let me know if this works for you.
— Reply to this email directly or view it on GitHub https://github.com/cartwrightian/cfnassist/pull/7#issuecomment-69649253.
Michael Gilroy Chief Engineer
Silent Herdsman Limited Unit 9000 | Academy Park | 51 Gower Street | Glasgow | G51 1PR Tel: +44 (0)141 255 2930 | Mob: +44 (0)7533 971758 Email: mgilroy@silentherdsman.com | Web: www.silentherdsman.com
Silent Herdsman Limited is a limited company registered in Scotland. Company Registration No: SC333487 Registered Offices: Unit 9000, Academy Park, 51 Gower Street, Glasgow, G51 1PR, Scotland This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission.
Hi Ian,
AWS cli changed on December 18th https://aws.amazon.com/releasenotes/CLI/9545264285307109
You now need to provide s CAPABILITY_IAM, which is required for the following resources: AWS::CloudFormation::Stack, AWS::IAM::AccessKey, AWS::IAM::Group, AWS::IAM::InstanceProfile, AWS::IAM::Policy, AWS::IAM::Role, AWS::IAM::User, and AWS::IAM::UserToGroupAddition
This commit adds this to the create stack request in cfnassist
Mike