Hi Navya,
Please refer to the capabilities section in the AWS create stack synopsis, where it says:
--capabilities (list)
In some cases, you must explicitly acknowledge that your stack template contains certain capabilities in order for CloudFormation to create the stack.
CAPABILITY_IAM and CAPABILITY_NAMED_IAM
Some stack templates might include resources that can affect permissions in your Amazon Web Services account; for example, by creating new Identity and Access Management (IAM) users. For those stacks, you must explicitly acknowledge this by specifying one of these capabilities. The following IAM resources require you to specify either the CAPABILITY_IAM or CAPABILITY_NAMED_IAM capability.
- If you have IAM resources, you can specify either capability.
- If you have IAM resources with custom names, you must specify CAPABILITY_NAMED_IAM.
- If you don't specify either of these capabilities, CloudFormation returns an InsufficientCapabilities error.
Also, make sure that your Lambda execution role has sufficient permissions for the S3 bucket location where the template is placed.
Edit:
Just pass CAPABILITY_IAM for capabilities. For the key pair, include it in your CloudFormation template as below:
```yaml
Resources:
  NewKeyPair:
    Type: 'AWS::EC2::KeyPair'
    Properties:
      KeyName: new-key-pair
  Ec2Instance:
    Type: 'AWS::EC2::Instance'
    Properties:
      ImageId: ami-02b92c281a4d3dc79
      KeyName: !Ref NewKeyPair
```
Refer to the Examples section at AWS::EC2::KeyPair and create key pair.
It'd be helpful if you mention the error message once you try.
Comment here if you have additional questions, happy to help.
Abhishek
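One way to pick the narrowest capability for a template and pass an existing key pair as a stack parameter, as an added example (not code from the answer above or from AWS). The `KeyName` parameter, the stack and key pair names, the sample template and the `NAME_PROPS` map are assumptions; the returned dict holds the keyword arguments for boto3's CloudFormation `create_stack` call.

```python
import json

# IAM resource types and the property that gives each one a custom name.
# Assumption: this map covers the common cases; extend it for your templates.
NAME_PROPS = {
    "AWS::IAM::Role": "RoleName",
    "AWS::IAM::User": "UserName",
    "AWS::IAM::Group": "GroupName",
    "AWS::IAM::InstanceProfile": "InstanceProfileName",
    "AWS::IAM::ManagedPolicy": "ManagedPolicyName",
}

def required_capabilities(template):
    """Return the narrowest capability list the template needs."""
    iam = [r for r in template.get("Resources", {}).values()
           if r.get("Type", "").startswith("AWS::IAM::")]
    if not iam:
        return []  # no IAM resources: acknowledge nothing
    named = any(NAME_PROPS.get(r["Type"]) in r.get("Properties", {}) for r in iam)
    return ["CAPABILITY_NAMED_IAM"] if named else ["CAPABILITY_IAM"]

def build_create_stack_args(stack_name, template, key_name):
    """Build keyword arguments for boto3's cloudformation create_stack."""
    args = {
        "StackName": stack_name,
        "TemplateBody": json.dumps(template),
        # Existing key pair supplied as a parameter, not created by the stack.
        "Parameters": [{"ParameterKey": "KeyName", "ParameterValue": key_name}],
    }
    caps = required_capabilities(template)
    if caps:
        args["Capabilities"] = caps
    return args

# Constructed sample template (JSON form); the role's trust policy is left empty.
SAMPLE = {
    "Parameters": {"KeyName": {"Type": "AWS::EC2::KeyPair::KeyName"}},
    "Resources": {
        "InstanceRole": {"Type": "AWS::IAM::Role",
                         "Properties": {"AssumeRolePolicyDocument": {}}},
        "Ec2Instance": {"Type": "AWS::EC2::Instance",
                        "Properties": {"ImageId": "ami-02b92c281a4d3dc79",
                                       "KeyName": {"Ref": "KeyName"}}},
    },
}

if __name__ == "__main__":
    print(build_create_stack_args("demo-stack", SAMPLE, "my-existing-key"))
```

In a Lambda handler the dict would be passed as `boto3.client("cloudformation").create_stack(**args)`.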
Initially I was getting a permission exception, but later it all went away as I have added all the required permissions to the Lambda. Now the challenge is to pass an existing key pair value in a CloudFormation parameter and define the capabilities section. I would be grateful if you would share any working example that would quickly sort out the issue.
Hi Navya,
Please refer to the Edit section in my answer and let me know if you have further questions, happy to assist.
Can you mention the error from lambda logs please?