So I'm trying to provision some resources in CF for an API. I have the yml file below, but I keep getting a template error and can't see the problem.
```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: 'container cluster on ECS, loadbalancer, security groups and cloudwatch'
Resources:
  ECSCluster:
    Type: AWS::ECS::Cluster
    Properties:
      ClusterName: 'hello-cluster'
  LoadBalancer:
    Type: AWS::ElasticLoadBalancingV2::LoadBalancer
    Properties:
      Name: ecs-services
      Subnets:
        #these imports will pull from export name of the vpc stack that we made
        - 'subnet-abcdefg'
        - 'subnet-abcdefo'
        - 'subnet-abcdefp'
      SecurityGroups:
        #references the LoadBalancerSecurityGroup below
        - !Ref LoadBalancerSecurityGroup
  #port 80 for POC, then add 443
  LoadBalancerListener:
    Type: AWS::ElasticLoadBalancingV2::Listener
    Properties:
      #references LoadBalancer above
      LoadBalancerArn: !Ref LoadBalancer
      Protocol: HTTP
      Port: 80
      DefaultActions:
        - Type: forward
          #references target group below
          TargetGroupArn: !Ref DefaultTargetGroup
  #this is very open, we won't want this
  LoadBalancerSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Security group for loadbalancer to services on ECS
      VpcId: 'vpc-abcdefg'
      SecurityGroupIngress:
        - CidrIp: 0.0.0.0/0
          IpProtocol: -1
  DefaultTargetGroup:
    Type: AWS::ElasticLoadBalancingV2::TargetGroup
    Properties:
      Name: default
      #imports vpc export name from previous stack
      VpcId: 'vpc-abcdefg'
      Protocol: 'HTTP'
      Port: '80'
  #extraneous for now
  CloudWatchLogsGroup:
    Type: AWS::Logs::LogGroup
    Properties:
      LogGroupName: 'apis'
      RetentionInDays: 1
  ## security group for containers similar to load balancer getting connections from the internet,
  ## this will allow connections from the load balancer
  ContainerSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      VpcId: 'vpc-abcdefg'
      GroupDescription: for ecs containers
      SecurityGroupIngress:
        - SourceSecurityGroupId: !Ref 'LoadBalancerSecurityGroup'
          IpProtocol: -1
Outputs:
  Cluster:
    Value: !Ref ECSCluster
    Export:
      Name: 'ECSCluster'
  Listener:
    Description: listener port 80
    Value: !Ref LoadBalancerListener
    Export:
      Name: 'Listener'
  ContainerSecurityGroup:
    Description: container security group
    Value: !Ref ContainerSecurityGroup
    Export:
      Name: 'ContainerSecurityGroup'
  LoadBalancerDNS:
    Description: Domain name for the loadbalancer
    Value: !GetAtt LoadBalancer.DNSName
    Export:
      Name: 'DomainName'
```
When I run this to create my stack, it gives me an error.

```
aws cloudformation create-stack --stack-name app-cluster --template-body file://infra/app-cluster.yml
```

The error is:

```
An error occurred (ValidationError) when calling the CreateStack operation: Invalid template property or properties [???AWSTemplateFormatVersion]
```

When I remove the first two lines and make the first line "Resources", I get this error:

```
An error occurred (ValidationError) when calling the CreateStack operation: Template format error: At least one Resources member must be defined.
```

I feel like I must be missing something simple, but I'm just not seeing it. Thanks
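An added example, not part of the original post: the `???` printed in front of `AWSTemplateFormatVersion` is what a byte-order mark at the start of the file typically looks like, which would also explain why deleting the first two lines only moves the problem to `Resources`. That cause is an assumption, since the post does not show the file's bytes. The Python below checks a template's raw bytes for a BOM and rewrites them as plain UTF-8; the function names and the sample bytes are constructed for illustration.

```python
import codecs

# Byte-order marks an editor may prepend. UTF-32 marks are tested first
# because the UTF-32 LE mark begins with the UTF-16 LE mark.
BOMS = [
    (codecs.BOM_UTF32_LE, "utf-32-le"),
    (codecs.BOM_UTF32_BE, "utf-32-be"),
    (codecs.BOM_UTF8, "utf-8"),
    (codecs.BOM_UTF16_LE, "utf-16-le"),
    (codecs.BOM_UTF16_BE, "utf-16-be"),
]

def detect_bom(raw: bytes):
    """Return (bom_bytes, encoding) for a leading BOM, or (b"", "utf-8")."""
    for bom, enc in BOMS:
        if raw.startswith(bom):
            return bom, enc
    return b"", "utf-8"

def normalize_template(raw: bytes) -> bytes:
    """Strip any leading BOM and re-encode the template as plain UTF-8."""
    bom, enc = detect_bom(raw)
    return raw[len(bom):].decode(enc).encode("utf-8")

def first_key(raw: bytes) -> str:
    """First top-level key as a reader that ignores BOMs would see it."""
    line = raw.decode("utf-8", errors="replace").splitlines()[0]
    return line.split(":", 1)[0]

# Constructed sample: first lines of the template, saved with a UTF-8 BOM.
SAMPLE = codecs.BOM_UTF8 + b'AWSTemplateFormatVersion: "2010-09-09"\nResources:\n'

if __name__ == "__main__":
    # The invisible U+FEFF is glued to the key name, so it matches no
    # known template property.
    print(repr(first_key(SAMPLE)))
    print(repr(first_key(normalize_template(SAMPLE))))
```

To check a real file, read it with `open(path, "rb").read()`, pass the bytes to `detect_bom`, and write the output of `normalize_template` back before calling `create-stack`.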
"User: arn:aws:iam::009160040727:user/testUser is not authorized to perform: cloudformation:DescribeStacks on resource: arn:aws:cloudformation:ca-central-1:009160040727:stack/auto-garden-server-dev/c28c5800-4e37-11ef-9937-0ab1458adf2f because no identity-based policy allows the cloudformation:DescribeStacks action" What should I do?