- Newest
- Most votes
- Most comments
🤔 It seems like CookieSynchronizationConfiguration
is duplicated in your CloudFormation template. Could you confirm if this property is included twice?
//whenever I include CookieSynchronizationConfiguration: Allowlist: - Domain: microsoftonline.com
`AWSTemplateFormatVersion: '2010-09-09' Description: | This CloudFormation template defines an AWS WorkSpaces Web UserSettings resource with customizable properties such as copy, paste, download, and upload operations permissions, session disconnect timeout settings, and cookie synchronization configurations.
Parameters:
CopyAllowedParameter:
Type: String
Default: Enabled
Description: Specifies whether copy operation is allowed.
DisconnectTimeoutParameter:
Type: Number
Default: 60
Description: The amount of time, in minutes, before a user's session is disconnected after idle.
DownloadAllowedParameter:
Type: String
Default: Enabled
Description: Specifies whether download operation is allowed.
IdleDisconnectTimeoutParameter:
Type: Number
Default: 15
Description: The amount of time, in minutes, before a user's session is automatically disconnected after being idle.
PasteAllowedParameter:
Type: String
Default: Enabled
Description: Specifies whether paste operation is allowed.
PrintAllowedParameter:
Type: String
Default: Enabled
Description: Specifies whether print operation is allowed.
UploadAllowedParameter:
Type: String
Default: Enabled
Description: Specifies whether upload operation is allowed.
CookieDomainParameter:
Type: String
Default: microsoftonline.com
Description: The domain to be allowed for cookie synchronization.
Resources:
MyVPC:
Type: AWS::EC2::VPC
Properties:
CidrBlock: 10.0.0.0/16
Tags:
- Key: Name
Value: MyVPC
PublicSubnet1:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref MyVPC
CidrBlock: 10.0.1.0/24
AvailabilityZone: !Select
- 0
- !GetAZs ''
MapPublicIpOnLaunch: true
Tags:
- Key: Name
Value: PublicSubnet1
PublicSubnet2:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref MyVPC
CidrBlock: 10.0.2.0/24
AvailabilityZone: !Select
- 1
- !GetAZs ''
MapPublicIpOnLaunch: true
Tags:
- Key: Name
Value: PublicSubnet2
PrivateSubnet1:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref MyVPC
CidrBlock: 10.0.3.0/24
AvailabilityZone: !Select
- 0
- !GetAZs ''
Tags:
- Key: Name
Value: PrivateSubnet1
PrivateSubnet2:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref MyVPC
CidrBlock: 10.0.4.0/24
AvailabilityZone: !Select
- 1
- !GetAZs ''
Tags:
- Key: Name
Value: PrivateSubnet2
WebSG:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: Allow HTTP and HTTPS traffic
VpcId: !Ref MyVPC
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 80
ToPort: 80
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 443
ToPort: 443
CidrIp: 0.0.0.0/0
InternetGateway:
Type: AWS::EC2::InternetGateway
Properties: {}
VPCGatewayAttachment:
Type: AWS::EC2::VPCGatewayAttachment
Properties:
VpcId: !Ref MyVPC
InternetGatewayId: !Ref InternetGateway
NetworkSettings:
Type: AWS::WorkSpacesWeb::NetworkSettings
Properties:
VpcId: !Ref MyVPC
SecurityGroupIds:
- !Ref WebSG
SubnetIds:
- !Ref PublicSubnet1
- !Ref PublicSubnet2
Portal:
Type: AWS::WorkSpacesWeb::Portal
Properties:
AuthenticationType: IAM_Identity_Center
DisplayName: Workspace
UserSettingsArn: !Ref UserSettings
BrowserSettingsArn: !Ref BrowserPolicy
NetworkSettingsArn: !Ref NetworkSettings
UserSettings:
Type: AWS::WorkSpacesWeb::UserSettings
Properties:
CopyAllowed: !Ref CopyAllowedParameter
DisconnectTimeoutInMinutes: !Ref DisconnectTimeoutParameter
DownloadAllowed: !Ref DownloadAllowedParameter
IdleDisconnectTimeoutInMinutes: !Ref IdleDisconnectTimeoutParameter
PasteAllowed: !Ref PasteAllowedParameter
PrintAllowed: !Ref PrintAllowedParameter
UploadAllowed: !Ref UploadAllowedParameter
CookieSynchronizationConfiguration:
Allowlist:
- Domain: !Ref CookieDomainParameter
- Name: microsoftonline
- Path: /
BrowserPolicy:
Type: AWS::WorkSpacesWeb::BrowserSettings
Properties:
BrowserPolicy: !Sub |
{
"chromePolicies": {
"ManagedBookmarks": {
"value": []
},
"BookmarkBarEnabled": {
"value": false
},
"RestoreOnStartup": {
"value": 4
},
"RestoreOnStartupURLs": {
"value": [
"https:/example.com/"
]
},
"URLBlocklist": {
"value": []
},
"URLAllowlist": {
"value": []
},
"AllowDeletingBrowserHistory": {
"value": true
},
"IncognitoModeAvailability": {
"value": 0
}
}
}
Outputs:
NetworkSettingsArn:
Description: The ARN of the network settings
Value: !Ref NetworkSettings
Export:
Name: NetworkSettingsArn`
Ensure the template follows this format: Format.
what part?
could you be more specific ? format link doesn't work
Sorry, you're right. Try to validate the template again using this format.
CookieSynchronizationConfiguration: Allowlist: - Domain: !Ref CookieDomainParameter Name: "microsoftonline" Path: "/"
Resource handler returned message: "null" (RequestToken: 1db9c942-3b1e-d0dc-ff90-e186ac702138, HandlerErrorCode: InternalFailure)
When you pass the Domain without referencing (!Ref CookieDomainParameter), you still get this error:
Resource handler returned message: "null" (RequestToken: 1db9c942-3b1e-d0dc-ff90-e186ac702138, HandlerErrorCode: InternalFailure)
?
Relevant content
- asked a year ago
- asked 8 months ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated 10 months ago
Sorry about that. it's not a duplicate . that is where my question begins from
So, does this only happen when you add the
cookieSynchronizationConfiguration
?yes Correct. But when I include
it throws an error "Resource handler returned message: "null" (RequestToken: 362c20c1-7fee-4d8e-9aea-4082e6ee1e21, HandlerErrorCode: InternalFailure)"
Template format error: Unresolved resource dependencies [UserSetting] in the Resources block of the template
Also can you validate the cloudformation template using this command guidelines Validating a template: