Unable to deploy AWS Service Catalogue by Cloud Formation

0

Here is my cloud formation template which I am trying to deploy manually from AWS Cloud Formation Console:

AWSTemplateFormatVersion: "2010-09-09"
Description: "The root stack for deploying ALB and TargetGroup"
Parameters:

  ApplicationName:
    Type: String
    Description: "[Required] Unique application name"
    Default: asm
    AllowedPattern: ".+"
  
  EnvironmentName:
    Type: String
    Default: "tbv"
    Description: The environment name
    AllowedValues:
      - "tbv"
      - "stg"
      - "prod"
  
  DataClassification:
    Type: String
    Description: "Data Classification"
    Default: Confidential
    AllowedValues: [GroupUse, Public, Confidential, CustomerPersonal, HighlyProtected]

  # ALB parameters
  AlbSg:
    Type: String
    Description: One or more Security group(s) for the ALB. Use comma (no space) to separate
    AllowedPattern: ^(sg-[a-z0-9]+,?)+$
    Default: "sg-0b4d2f37bbb292d1f"
  
  AlbType:
    Type: String
    Description: Is it an external (internet-facing) or internal ALB?
    Default: internet-facing
    AllowedValues: [internal,internet-facing]

  # ASG Generic Parameters
  EBSSize:
    Type: Number
    Description: "[Required] Size of root EBS volume"
    Default: 50
  
  EBSType:
    Type: String
    Description: "[Required] EBS Volume Type"
    Default: gp3
    AllowedValues: [gp2, gp3, io1, io2, sc1, st1, standard]

  EBSIOPS:
    Type: Number
    Description: "[Required only for gp3 (default 3,000), io1 and io2 volumes]. This parameter is not applicable for other EBS volume types (sc1, st1, standard), please leave it as the default number if that is the case. "
    Default: 3000

  InstanceProfileName:
    Type: String
    Description: "[Optional] The instance profile name for EC2. Standard L2 BP Instance Profile for the tenants (if pre-created). If not provided, a new profile will be created with minimum permessions to read from ConfigureStore bucket and read a sample secret stored in secrets manager"
    Default: ""

  InstanceType:
    Type: String
    Description: "[Required] Any valid EC2 instance size is allowed (https://aws.amazon.com/ec2/instance-types/)"
    Default: t3.micro
    AllowedPattern: ".+"

  AsgSecurityGroups:
    Type: String
    Description: "[Optional] Existing security groups to associate with instances. If not provided, a new security group will be created"
    AllowedPattern: ^$|^(sg-[a-z0-9]+,?)+$

  OsType:
    Type: String
    Description: "[Required] Operating system"
    Default: linux
    AllowedValues: [windows, linux]
  
  DesiredCapacity:
    Type: String
    Description: "[Required] Desired Cluster Size. The maximum number of instances to scale up to based on policies"
    Default: '2'

  InstanceCountMin:
    Type: String
    Description: "[Required] Min Cluster Size. The minimum number of instances to scale down to based on policies"
    Default: '2'
    
  InstanceCountMax:
    Type: String
    Description: "[Required] Max Cluster Size. The maximum number of instances to scale up to based on policies"
    Default: '3'

  SnsTopicArn:
    Type: String
    Description: "[Optional] Topic arn to receive notifications about autoscaling activities. If not provided, a new sns topic will be created"
    AllowedPattern: ^$|^arn:aws:sns:.+:\d{12}:.+
    Default: ""

  AlbCert:
    Type: String
    Description: "[Required] ARN for ACM for ALB Certificate"
    Default: "arn:aws:acm:ap-southeast-2:972399316514:certificate/37c516c1-d900-49df-80e7-5d3254a5bcbe"
    
      # Backend app related parameter
  AppPort:
    Type: Number
    Description: "Listening port of the application"
    Default: 8443

  UserDataS3script:
    Type: String
    Description: "[Optional] Please provide the script KeyName under S3 bucket e.g: '/abc/scripts.sh', if the script under abc folder named as scripts.sh"

  LatestWindowsAmiId:
    Type: String
    Description: "[Required only for Windows OsType] Latest CBA Approved Windows AMI Id"
  #  AllowedPattern: ^$|^ami-[a-z0-9]{8,17}$
    Default: ""

  LatestLinuxAmiId:
    Type: String
    Description: "[Required only for Linux OsType] Latest CBA Approved Linux AMI Id"
    AllowedPattern: ^$|^ami-[a-z0-9]{8,17}$
    Default: "ami-0661da39e6a5cd21f"

  LogsBucket:
    Type: String
    Description: "[REQUIRED] Location for ALB Logs"
    Default: "sc-972399316514-pp-zelzfifdb-configurestorebucket-1ranazdb4g6n"

Mappings:
  AsgProductParameters:
    default:
      ProductName: "BP-ALB-Product"
      ProvisioningArtifactName: "1.0.0"
      
Resources:
  AsgProduct:
    Type: "AWS::ServiceCatalog::CloudFormationProvisionedProduct"
    Properties:
      ProductName: !FindInMap ["AsgProductParameters", "default", "ProductName"] 
      ProvisioningArtifactName: !FindInMap ["AsgProductParameters", "default", "ProvisioningArtifactName"] 
      ProvisioningParameters:
        - Key: "NodeName"
          Value: !Ref ApplicationName
        - Key: "EBSSize"
          Value: !Ref "EBSSize"
        - Key: "EBSType"
          Value: !Ref "EBSType"
        - Key: "EBSIOPS"
          Value: !Ref "EBSIOPS"
        - Key: "InstanceProfileName"
          Value: !Ref "InstanceProfileName"
        - Key: "InstanceType"
          Value: !Ref "InstanceType"
        - Key: "SecurityGroups"
          Value: !Ref "AsgSecurityGroups"
        - Key: "OsType"
          Value: !Ref "OsType"
        - Key: "DesiredCapacity"
          Value: !Ref DesiredCapacity
        - Key: "InstanceCountMin"
          Value: !Ref InstanceCountMin
        - Key: "InstanceCountMax"
          Value: !Ref InstanceCountMax
        - Key: "CPUUtilisationTargetValue"
          Value: "80"
        - Key: "MinSuccessfulInstancesPercent"
          Value: "100"
        - Key: "CfnSignalTimeout"
          Value: "PT30M5S"
        - Key: "SecurityZone"
          Value: "eccf"
        - Key: "DataClassification"
          Value: !Ref "DataClassification"
        - Key: "UserdataS3script"
          Value: !Ref "UserDataS3script"
        - Key: "AppPort"
          Value: !Ref "AppPort"
        - Key: "LatestWindowsAmiId"
          Value: !Ref "LatestWindowsAmiId"
        - Key: "LatestLinuxAmiId"
          Value: !Ref LatestLinuxAmiId
        - Key: "SnsTopicArn"
          Value: !Ref "SnsTopicArn"

However, when I try to deploy the code I get an error like below:

Resource handler returned message: "AmazonCloudFormationException Parameters: [LogsBucket, AlbSg, AlbCert] must have values (Service: AmazonCloudFormation; Status Code: 400; Error Code: ValidationError; Request ID: 55be8740-0fc9-4006-a4c4-574e1cd4dc97; Proxy: null)" (RequestToken: ac1b447c-80f1-37a7-c7b3-e602c8753da5, HandlerErrorCode: InvalidRequest)

1 Answer
0

The error which you are receiving is generally encountered when you do not pass the required Provisioning Parameters [1] in order to create a Provisioned product.

I replicated the error at my end. When I didn’t passed the Parameters required to create a provisioned product under the property "ProvisioningParameters" then I received a similar error. After providing the required parameters, I was not getting the error message.

The error message you are getting says: “Resource handler returned message: "AmazonCloudFormationException Parameters: [LogsBucket, AlbSg, AlbCert] must have values (Service: AmazonCloudFormation; Status Code: 400; Error Code: ValidationError; Request ID: 55be8740-0fc9-4006-a4c4-574e1cd4dc97; Proxy: null)" (RequestToken: ac1b447c-80f1-37a7-c7b3-e602c8753da5, HandlerErrorCode: InvalidRequest)”

After looking at your provided template, the parameters (‘LogsBucket’, ‘AlbSg’, ‘AlbCert’) seems to be missing from the ‘ProvisioningParameters’ property under the resource “AsgProduct”.

To resolve the error, kindly pass the above missing parameters under ‘ProvisioningParameters’ property and try the deployment again.

If this doesn’t help in your case, then To answer your question, we require details that are non-public information. Please open a support case with AWS using the following link: https://support.console.aws.amazon.com/support/home#/case/create

Reference: [1] https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicecatalog-cloudformationprovisionedproduct.html#cfn-servicecatalog-cloudformationprovisionedproduct-provisioningparameters

AWS
SUPPORT ENGINEER
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions