amazon-cloudformation - 验证 aws 云形成时出错
问题描述
我正在尝试学习和练习 AWS Cloudformation 模板。
在验证模板时,我遇到了错误。
$ aws cloudformation validate-template --template-body file:///home/bhemanth/Downloads/ec2-templates/singe-instance-v2.yaml
An error occurred (ValidationError) when calling the ValidateTemplate operation: Invalid template resource property 'BlockDeviceMappings'
CloudFormation 模板代码错误:
AWSTemplateFormatVersion: '2010-09-09'
Description: 'CentOS EC2 Instance template'
Parameters:
KeyName:
Description: Name of an existing EC2 KeyPair to enable SSH access to the instance
Type: AWS::EC2::KeyPair::KeyName
Default: hemanth
AllowedValues:
- hemanth
- client
ConstraintDescription: must be the name of an existing EC2 KeyPair.
InstanceType:
Description: CentOS
Type: String
Default: t2.small
AllowedValues:
- t2.micro
- t2.small
- t2.medium
ConstraintDescription: must be a valid EC2 instance type.
SSHLocation:
Description: The IP address range that can be used to SSH to the EC2 instances
Type: String
MinLength: '9'
MaxLength: '18'
Default: 0.0.0.0/0
AllowedPattern: "(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})\\.(\\d{1,3})/(\\d{1,2})"
ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x.
Resources:
EC2Instance:
Type: AWS::EC2::Instance
Properties:
InstanceType:
Ref: InstanceType
SecurityGroups:
- Ref: InstanceSecurityGroup
KeyName:
Ref: KeyName
ImageId: ami-01ed306a12b7d1c96
InstanceSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupName: EnableAll
GroupDescription: Enable SSH access for all ports
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: '0'
ToPort: '65535'
CidrIp:
Ref: SSHLocation
BlockDeviceMappings:
- DeviceName: /dev/sda1
Ebs:
DeleteOnTermination: true
Status: attached
Hypervisor: xen
RootDeviceName: /dev/sda1
RootDeviceType: ebs
Tags:
- Key: Name
Value: Docker
VirtualizationType: hvm
UserData:
Fn::Base64: !Sub |
#!/usr/bin/env bash
yum install -y wget
wget -O- https://get.docker.com/ | sh
systemctl status docker
systemctl start docker
systemctl enable docker
systemctl status docker
systemctl status -l docker
Volumes:
- Attachments:
Device: /dev/sda1
State: attached
DeleteOnTermination: true
AvailabilityZone: us-west-2a
Encrypted: false
Size: 30
State: in-use
Iops: 100
VolumeType: gp2
Outputs:
InstanceId:
Description: InstanceId of the newly created EC2 instance
Value:
Ref: EC2Instance
AZ:
Description: Availability Zone of the newly created EC2 instance
Value:
Fn::GetAtt:
- EC2Instance
- AvailabilityZone
PublicDNS:
Description: Public DNSName of the newly created EC2 instance
Value:
Fn::GetAtt:
- EC2Instance
- PublicDnsName
PublicIP:
Description: Public IP address of the newly created EC2 instance
Value:
Fn::GetAtt:
- EC2Instance
- PublicIp
我正在尝试准备 aws cloudformation 模板,该模板将从用户数据安装 docker 并在实例终止时删除卷。
你能告诉我模板有什么问题吗?
如果可能的话,请您为初学者创建 aws cloudformation 提供好的提示和秘籍。
谢谢,赫曼思。
解决方案
CloudFormation Linter通过以下方式捕捉到这一点以及更多:
E3001 Invalid resource attribute BlockDeviceMappings for resource InstanceSecurityGroup
singe-instance-v2.yaml:51:5
E3001 Invalid resource attribute Hypervisor for resource InstanceSecurityGroup
singe-instance-v2.yaml:56:5
E3001 Invalid resource attribute RootDeviceName for resource InstanceSecurityGroup
singe-instance-v2.yaml:57:5
E3001 Invalid resource attribute RootDeviceType for resource InstanceSecurityGroup
singe-instance-v2.yaml:58:5
E3001 Invalid resource attribute Tags for resource InstanceSecurityGroup
singe-instance-v2.yaml:59:5
E3001 Invalid resource attribute VirtualizationType for resource InstanceSecurityGroup
singe-instance-v2.yaml:62:5
E3001 Invalid resource attribute UserData for resource InstanceSecurityGroup
singe-instance-v2.yaml:63:5
E3001 Invalid resource attribute Volumes for resource InstanceSecurityGroup
singe-instance-v2.yaml:73:5
BlockDeviceMappings
, Tags
, UserData
,Volumes
和等属性类型AvailabilityZone
应该缩进比Properties:
我也相信这些属性应该Properties:
在AWS::EC2::Instance
资源下面,因为它们中的大多数不是有效的属性类型AWS::EC2::SecurityGroup
我不认为Hypervisor
是任何资源类型的有效属性类型,所以我不确定该属性类型来自哪里
我建议参考AWS::EC2::SecurityGroup
和AWS::EC2::Instance
资源类型的文档
推荐阅读
- php - 将数据从 Ajax 传递到 Laravel 中的控制器
- r - 使用可变数量的#s 解析文件名
- c# - RemoteApp 应用程序中的 Flash 任务栏图标
- javascript - ajax 表单错误
- .net-core - 如何在 ServiceStack 中实现 Auth0 认证?
- r - 在 textInput 中选择文本/设置焦点
- html - SVG图标填充和描边不起作用
- laravel - Laravel DB 查询构建器使用查询数据更新
- angular - 您可以在自定义表单控件中将 ViewChild 指定为 ControlValueAccessor 吗?
- python - 默认损失函数 contrib.learn DNNRegressor