问题描述

我正在尝试验证Cloudformation模板.我发出的命令是:

I am trying to validate a Cloudformation template. The command I am issuing is:

▶ aws cloudformation validate-template --template-body file://template.json

但是，我得到的答复是:

The response I am getting, however, is:

"CapabilitiesReason": "The following resource(s) require capabilities: 
  [AWS::IAM::Role]", 

不幸的是，我找不到任何设置功能的方法.

I can't find any way to set the capability unfortunately.

您如何设置功能?

推荐答案

来自Capabilities 和 CapabilitiesReason 输出.amazon.com/cli/latest/reference/cloudformation/validate-template.html"rel =" noreferrer> validate-template 并非错误.它们是正常的输出，列出了在运行 创建堆栈 或 更新堆栈 .

The Capabilities and CapabilitiesReason outputs from validate-template are not errors. They are normal outputs listing resources requiring capabilities that will need to be specified (via --capabilities) when running create-stack or update-stack in the future.

您可以通过检查返回码为 0 表示命令已成功完成.

You can confirm that a validation succeeded without errors by checking that the return code is 0 indicating the command completed successfully.

validate-template 输出如下:

在模板中找到的功能.如果模板包含IAM资源，则在使用 create-stack 或时，必须为此参数指定 CAPABILITY_IAM 或 CAPABILITY_NAMED_IAM 值.使用模板更新堆栈操作；否则，这些操作将返回 InsufficientCapabilities 错误.有关更多信息，请参阅在AWS CloudFormation中确认IAM资源模板.

The capabilities found within the template. If your template contains IAM resources, you must specify the CAPABILITY_IAM or CAPABILITY_NAMED_IAM value for this parameter when you use the create-stack or update-stack actions with your template; otherwise, those actions return an InsufficientCapabilities error. For more information, see Acknowledging IAM Resources in AWS CloudFormation Templates.

CapabilitiesReason ->(字符串)

在功能"响应元素中生成值的资源列表.

The list of resources that generated the values in the Capabilities response element.

这篇关于设置AWS Cloudformation Template-Validate的功能的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！