- Le plus récent
- Le plus de votes
- La plupart des commentaires
Hello, as indicated here, you must write the command's output to a reserved file called /command-output.txt. Now, per the code, the above error can occur if SSM PutParameter failed due to invalid value in /command-output.txt.
I tested the template in my lab and noticed PutParameter
event in CloudTrail failed with the following error:
"1 validation error detected: Value at 'value' failed to satisfy constraint: Member must have length greater than or equal to 1.
Then, observed the following error in a log named i-****/cloud-init-output.log
in the CloudWatch log group that I configured using the LogGroup
property in AWSUtility::CloudFormation::CommandRunner
resource type.
aws: error: argument --event-selectors is required
Contents of /command-output.txt =
As seen above, contents of the /command-output.txt is empty.
This --event-selectors argument error occurs if the session uses AWS CLI v1 and is not seen in AWS CLI v2. Observed the Amazon Linux AMI used by CommandRunner does not have the latest version of the AWS CLI installed at present, therefore we will need to update the AWS CLI on the instance to successfully execute the above put-event-selectors
command. I used the following snippet to fix the issue:
....
Resources:
CommandRunner:
Type: 'AWSUtility::CloudFormation::CommandRunner'
Properties:
Command: >-
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip";
unzip awscliv2.zip;
sudo ./aws/install;
aws --version;
aws cloudtrail put-event-selectors --trail-name XXX --region XXXX --advanced-event-selectors '[ { "Name": "S3EventSelector", "FieldSelectors": [ { "Field": "eventCategory", "Equals": ["Data"] }, { "Field": "resources.type", "Equals": ["AWS::S3::Object"] }, { "Field": "eventName", "Equals": ["PutObject","DeleteObject"] }, { "Field": "resources.ARN", "StartsWith": ["arn:aws:s3:::XX","arn:aws:s3:::XXX"] } ] } ]' --output text > /command-output.txt
Role: yourrole
LogGroup: log-group-name
Hope it helps!
Contenus pertinents
- demandé il y a 7 mois
- demandé il y a un an
- demandé il y a un an
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a un an