You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
cfn-lint will validate your template parameters against the resource provider schemas. To do this we use any values that are provided in the template including Default and AllowedValues. AllowedValues will be used if provided and if not we use the Default value.
The result can be confusing so I want to discuss how some of the expectations are and to use this issue to track this issue to see if it needs to be changed.
Basic example
To represent the issue we will use this basic template
returns the below error because when we resolve the Default value we do not end up with a valid AMI ID
E1152 {'Ref': 'MyImageId'} is not a 'AWS::EC2::Image.Id' when 'Ref' is resolved
Resolutions
Conditions
Sometimes we use the default parameter to represent an optional parameter and we wrap it in a condition. The following template will be error free as cfn-lint can now determine the value will not be "" when ImageId is validated.
If we require the template implementer to provide a valid value remove the Default property. If we remove Default we can use other parameter properties (AllowedPattern) to better validate the parameter value. We do this because we are expecting the template user to provide a value when they are deploying the template.
Parameters:
MyImageId:
Type: StringAllowedPattern: "ami-.+"# not meant to be perfectResources:
MyInstance:
Type: AWS::EC2::InstanceProperties:
ImageId: !Ref MyImageIdInstanceType: t2.micro
"Valid" Default
For this we will provide a "valid" value as the Default value.
cfn-lint Version
cfn-lint will validate your template parameters against the resource provider schemas. To do this we use any values that are provided in the template including
Default
andAllowedValues
.AllowedValues
will be used if provided and if not we use theDefault
value.The result can be confusing so I want to discuss how some of the expectations are and to use this issue to track this issue to see if it needs to be changed.
Basic example
To represent the issue we will use this basic template
returns the below error because when we resolve the
Default
value we do not end up with a valid AMI IDResolutions
Conditions
Sometimes we use the default parameter to represent an optional parameter and we wrap it in a condition. The following template will be error free as
cfn-lint
can now determine the value will not be""
whenImageId
is validated.No Default
If we require the template implementer to provide a valid value remove the
Default
property. If we removeDefault
we can use other parameter properties (AllowedPattern
) to better validate the parameter value. We do this because we are expecting the template user to provide a value when they are deploying the template."Valid" Default
For this we will provide a "valid" value as the
Default
value.You can also use
Metadata
to provide hints to the user that are using the console to deploy the template.The text was updated successfully, but these errors were encountered: