By using AWS re:Post, you agree to the AWS re:Post Terms of Use

How do I resolve the "Model validation failed (#: extraneous key [Key] is not permitted)" error in CloudFormation?

4 minute read
0

I used a custom resource provider in the AWS CloudFormation Command Line Interface (CFN-CLI) to create a resource. However, I received the "Model validation failed (#: extraneous key [Key] is not permitted)" error in my CloudFormation stack events.

Resolution

You can use your resource provider to create only resource types with properties. When you don't define properties in the resource type schema or you're using reserved properties, you receive the Model validation error.

To resolve this issue, complete the following steps:

  1. Verify that the defined properties in your CloudFormation template are also defined in your resource type schema file. You can find the file in the root directory of your project.
    Note: The file uses the organization-service-resource.json naming format. For example, article-ec2-subnet.json is the file name for an Amazon Elastic Cloud Compute (Amazon EC2) resource that's named Article::EC2::Subnet.

  2. Check whether you're using a reserved property. If you're using a reserved property, then change the name of the property in both the resource type schema and your CloudFormation template.

  3. To verify that your project is successfully built, run the cfn validate, cfn generate, and cfn submit commands in sequence. If you're using the Java plugin, then run the cfn validate, cfn generate, mvn package, and cfn submit commands in sequence.
    Example:

    cfn validate
    Resource schema is valid.
    
    cfn generate
    Generated files for Organization::Service::Resource
    
    mvn package
    [INFO] Scanning for projects...
    [INFO] 
    [INFO] --< software.organization.service.resource:organization-service-resource-handler >--
    [INFO] Building organization-service-resource-handler 1.0-SNAPSHOT
    [INFO] --------------------------------[ jar ]---------------------------------
    ...
    [INFO] ------------------------------------------------------------------------
    [INFO] BUILD SUCCESS
    [INFO] ------------------------------------------------------------------------
    [INFO] Total time:  21.690 s
    [INFO] Finished at: 2020-07-14T16:02:47-05:00
    [INFO] ------------------------------------------------------------------------
    
    cfn submit 
    Successfully submitted type. Waiting for registration with token '12345a-abcde-6789-abc1-a1234b567891' to complete.
    {'ProgressStatus': 'COMPLETE', 'Description': 'Deployment is currently in DEPLOY_STAGE of status COMPLETED' , 'TypeArn': 'arn:aws:cloudformation:us-east-1:1234567891:type/resource/Organization-Service-Resource', 'TypeVersionArn': 'arn:aws:cloudformation:us-east-1:1234567891:type/resource/Organization-Service-Resource/00000035', 'ResponseMetadata': {'RequestId': '123a1234-b123-4567-abcd-123a123b1c1d', 'HTTPStatusCode': 200, 'HTTPHeaders': {'x-amzn-requestid': '123a1234-b123-4567-abcd-123a123b1c1d', 'content-type': 'text/xml', 'content-length': '952', 'date': 'Tue, 14 Jul 2020 21:16:17 GMT'}, 'RetryAttempts': 0}}

    Note: If your unit tests aren't complete and you want to skip the tests, then run mvn -Dmaven.test.skip=true package instead of mvn package.

  4. To set the current version of your project as the default, run the set-type-default-version AWS Command Line Interface (AWS CLI) command:

    aws cloudformation set-type-default-version --type RESOURCE --type-name Organization::Service::Resource --version-id 00000005

    Note: Replace Organization::Service::Resource with your resource type's name. Also, replace 00000005 with the latest version of the build that the cfn submit returns in the TypeVersionArn key. If you receive errors when you run AWS CLI commands, then see Troubleshoot AWS CLI errors. Also, make sure that you're using the most recent AWS CLI version.

  5. Run the following command to set the current type version as the default:

    cfn submit --set-default

    For more information, see submit.

  6. To troubleshoot the tests, use the rpdk.log file in your project's root directory.

If you use a resource provider and receive a different type of error, then see the following AWS Knowledge Center articles for additional troubleshooting steps:

Related information

CloudFormation CLI on the GitHub website.

AWS OFFICIAL
AWS OFFICIALUpdated 2 months ago