How do I resolve AWS CloudFormation template validation errors or template format errors?

Last updated: 2019-04-10

I tried to create an AWS CloudFormation stack, but my stack creation failed and I received an error message. How can I resolve this error?

Short Description

If your stack creation fails, you could get one of the following error messages:

  • "JSON not well-formed"
  • "YAML not well-formed"
  • "Unresolved resource dependencies [XXXXXXXX] in the Resources block of the template"
  • "The [environmental resource] 'XXXXXXXX' does not exist"
  • "Invalid template property or properties [XXXXXXXX]"
  • "Unrecognized parameter type: XXXXXXXX"
  • "Invalid template parameter property 'XXXXXXXX'"
  • "Encountered unsupported property XXXXXXXX"
  • "Value of property XXXXXXXX must be of type String"
  • "Every Default member must be a string"
  • "At least one Resources member must be defined"
  • "Every Condition member must be a string"
  • "Unrecognized resource types: [XXXXXXXX]"

These errors can result from improper JSON or YAML formatting, resource definitions, parameter definitions, conditions, or references to resources in your AWS CloudFormation template. These errors can also result from the unavailability of a specific resource type in an AWS Region.

Resolution

Validate template syntax

To follow proper JSON or YAML syntax in your AWS CloudFormation template, consider the following:

Validate logical and physical IDs

Confirm that resource logical IDs are defined in your template and that resource physical IDs exist in your environment.

For example, test is referenced for the ImageId property in the following JSON template and for the ImageID property in the following YAML template. However, neither template includes a resource logical ID or parameter named test.

JSON template:

{
  "Parameters" : { ... },
  "Resources" : {
    "EC2Instance01" : {
      "Type" : "AWS::EC2::Instance",
      "Properties" : {
        "ImageId" : {"Ref": "test"},
        ...
      }
    }
  }
}

YAML template:

Parameters:
Resources:
  EC2Instance01:
    Type: AWS::EC2::Instance
    Properties:
      ImageID: !Ref: test

The resource ID isn't correctly defined in the example JSON or YAML templates above. Using these templates returns the following error: "Unresolved resource dependencies [test] in the Resources block of the template.” For more information on resource definitions and their syntax, see Resources.

Validate parameter definitions

In your AWS CloudFormation template, confirm that the Parameters section doesn't contain any intrinsic functions.

For example, the default value for ParameterC in the following JSON and YAML templates has the intrinsic function Fn::Sub. This intrinsic function causes the validation error: "Every Default member must be a string."

JSON template:

{
  "Parameters": {
    "ParameterA": {
      "Type": "String",
      "Default": "abc"
    },
    "ParameterB": {
      "Type": "String",
      "Default": "def"
    },
    "ParameterC": {
      "Type": "String",
      "Default": {
        "Fn::Sub": "${ParameterA}-${ParameterB}"
      }
    }
  },
  "Resources": {
    "MyS3Bucket": {
      "Type": "AWS::S3::Bucket",
      "Properties": {
        "BucketName": {
          "Ref": "ParameterC"
        }
      }
    }
  }
}

YAML template:

Parameters:
 ParameterA:
  Type: String
  Default: abc
 ParameterB:
  Type: String
  Default: def
 ParameterC:
  Type: String
  Default: !Sub '${ParameterA}-${ParameterB}'
Resources:
 MyS3Bucket:
  Type: 'AWS::S3::Bucket'
  Properties:
   BucketName: !Ref ParameterC

Confirm that Conditions is specified as a string

In your AWS CloudFormation template, confirm that Conditions is specified as a string.

For example, the condition in the resource EC2RouteA is specified as a list of strings instead of a single string in the following example JSON and YAML templates. Using these templates results in the following validation error: "Every Condition member must be a string."

JSON template:

{
  "Conditions": {
    "ConditionA": {
      "Fn::Not": [
        {
          "Fn::Equals": [
            "",
            "Sample"
          ]
        }
      ]
    },
    "ConditionB": {
      "Fn::Not": [
        {
          "Fn::Equals": [
            "",
            "Sample"
          ]
        }
      ]
    }
  },
  "Resources": {
    "EC2RouteA": {
      "Type": "AWS::EC2::Route",
      "Condition": [
        "ConditionA",
        "ConditionB"
      ],
      "Properties": {
       ...
      }
    }
  }
}

YAML template:

Conditions:
 ConditionA: !Not 
  - !Equals 
   - ''
   - Sample
 ConditionB: !Not 
  - !Equals 
   - ''
   - Sample
Resources:
  EC2RouteA:
  Type: 'AWS::EC2::Route'
  Condition:
   - ConditionA
   - ConditionB
  Properties:

To resolve this error, add ConditionAandB to your template, and then use ConditionAandB as the condition for the EC2RouteA resource. See the following example templates:

JSON template:

{
  "Conditions": {
    "ConditionA": {
      "Fn::Not": [
        {
          "Fn::Equals": [
            "",
            "Sample"
          ]
        }
      ]
    },
    "ConditionB": {
      "Fn::Not": [
        {
          "Fn::Equals": [
            "",
            "Sample"
          ]
        }
      ]
    },
    "ConditionAandB": {
      "Fn::And": [
        {
          "Condition": "ConditionA"
        },
        {
          "Condition": "ConditionB"
        }
      ]
    }
  },
  "Resources": {
    "EC2RouteA": {
      "Type": "AWS::EC2::Route",
      "Condition": "ConditionAandB",
      "Properties": {
        ...
      }
    }
  }
}

YAML template:

Conditions:
  ConditionA:
    Fn::Not:
    - Fn::Equals:
      - ''
      - Sample
  ConditionB:
    Fn::Not:
    - Fn::Equals:
      - ''
      - Sample
  ConditionAandB:
    Fn::And:
    - Condition: ConditionA
    - Condition: ConditionB
Resources:
  EC2RouteA:
    Type: AWS::EC2::Route
    Condition: ConditionAandB
    Properties:

Verify that a resource type is available in an AWS Region

Verify that your resource is available in your AWS Region.

Not all resource types are available in every AWS Region. For example, the resource type AWS::WAFRegional::IPSet in the following JSON and YAML templates is currently unavailable in the ap-south-1 region. Using these templates results in the following error: "Unrecognized resource types: [XXXXXXXX]."

JSON template:

{
  "IPSetBlacklistA": {
    "Type": "AWS::WAFRegional::IPSet",
    "Properties": {
      "Name": "IPSet for blacklisted IP addresses",
      "IPSetDescriptors": [
        {
          "Type": "IPV4",
          "Value": "x.x.x.x/x"
        },
        {
          "Type": "IPV4",
          "Value": "x.x.x.x/x"
        }
      ]
    }
  }
}

YAML template:

IPSetBlacklistA:
 Type: 'AWS::WAFRegional::IPSet'
 Properties:
  Name: IPSet for blacklisted IP addresses
  IPSetDescriptors:
   - Type: IPV4
    Value: x.x.x.x/x
   - Type: IPV4
    Value: x.x.x.x/x

Note: AWS CloudFormation templates are stored as text files using a format that complies with JSON or YAML standards. The JSON and YAML templates above use the same template but a different format. For more information about YAML support, see Learn Template Basics, AWS CloudFormation Update – YAML, Cross-Stack References, Simplified Substitution, and YAML Version 1.2.

Validate properties, values, and value types

Be sure that template sections and resource definitions use valid properties, values, and value types. For information about resource-specific properties, see AWS Resource and Property Types Reference.


Did this article help you?

Anything we could improve?


Need more help?