CookieSynchronizationConfiguration in AWS::WorkSpacesWeb::UserSettings

0

I have syntax issue with my Cloud formation code


  UserSettings:
    Type: AWS::WorkSpacesWeb::UserSettings
    Properties:
      CopyAllowed: Enabled
      DisconnectTimeoutInMinutes: 60
      DownloadAllowed: Enabled
      IdleDisconnectTimeoutInMinutes: 15
      PasteAllowed: Enabled
      PrintAllowed: Disabled
      UploadAllowed: Enabled
      CookieSynchronizationConfiguration:
        Allowlist:
          - Domain: microsoftonline.com


but /whenever I include 
      CookieSynchronizationConfiguration:
        Allowlist:
          - Domain: microsoftonline.com

I get an error Resource handler returned message: "null" (RequestToken: 362c20c1-7fee-4d8e-9aea-4082e6ee1e21, HandlerErrorCode: InternalFailure)

this is the full template

Tolu
asked a month ago218 views
2 Answers
1

🤔 It seems like CookieSynchronizationConfiguration is duplicated in your CloudFormation template. Could you confirm if this property is included twice?

//whenever I include 
      CookieSynchronizationConfiguration:
        Allowlist:
          - Domain: microsoftonline.com
profile picture
EXPERT
answered a month ago
  • Sorry about that. it's not a duplicate . that is where my question begins from

  • So, does this only happen when you add the cookieSynchronizationConfiguration?

  • yes Correct. But when I include

      CookieSynchronizationConfiguration:
        Allowlist:
          - Domain: microsoftonline.com
    

    it throws an error "Resource handler returned message: "null" (RequestToken: 362c20c1-7fee-4d8e-9aea-4082e6ee1e21, HandlerErrorCode: InternalFailure)"

  • Template format error: Unresolved resource dependencies [UserSetting] in the Resources block of the template

  • Also can you validate the cloudformation template using this command guidelines Validating a template:

    aws cloudformation validate-template
    

    🔌 Validate Template CLI

0

`AWSTemplateFormatVersion: '2010-09-09' Description: | This CloudFormation template defines an AWS WorkSpaces Web UserSettings resource with customizable properties such as copy, paste, download, and upload operations permissions, session disconnect timeout settings, and cookie synchronization configurations.


Parameters:
  CopyAllowedParameter:
    Type: String
    Default: Enabled
    Description: Specifies whether copy operation is allowed.
  DisconnectTimeoutParameter:
    Type: Number
    Default: 60
    Description: The amount of time, in minutes, before a user's session is disconnected after idle.
  DownloadAllowedParameter:
    Type: String
    Default: Enabled
    Description: Specifies whether download operation is allowed.
  IdleDisconnectTimeoutParameter:
    Type: Number
    Default: 15
    Description: The amount of time, in minutes, before a user's session is automatically disconnected after being idle.
  PasteAllowedParameter:
    Type: String
    Default: Enabled
    Description: Specifies whether paste operation is allowed.
  PrintAllowedParameter:
    Type: String
    Default: Enabled
    Description: Specifies whether print operation is allowed.
  UploadAllowedParameter:
    Type: String
    Default: Enabled
    Description: Specifies whether upload operation is allowed.
  CookieDomainParameter:
    Type: String
    Default: microsoftonline.com
    Description: The domain to be allowed for cookie synchronization.
Resources:
  MyVPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16
      Tags:
        - Key: Name
          Value: MyVPC
  PublicSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.1.0/24
      AvailabilityZone: !Select
        - 0
        - !GetAZs ''
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: PublicSubnet1
  PublicSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.2.0/24
      AvailabilityZone: !Select
        - 1
        - !GetAZs ''
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: PublicSubnet2
  PrivateSubnet1:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.3.0/24
      AvailabilityZone: !Select
        - 0
        - !GetAZs ''
      Tags:
        - Key: Name
          Value: PrivateSubnet1
  PrivateSubnet2:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref MyVPC
      CidrBlock: 10.0.4.0/24
      AvailabilityZone: !Select
        - 1
        - !GetAZs ''
      Tags:
        - Key: Name
          Value: PrivateSubnet2
  WebSG:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Allow HTTP and HTTPS traffic
      VpcId: !Ref MyVPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 443
          ToPort: 443
          CidrIp: 0.0.0.0/0
  InternetGateway:
    Type: AWS::EC2::InternetGateway
    Properties: {}
  VPCGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref MyVPC
      InternetGatewayId: !Ref InternetGateway
  NetworkSettings:
    Type: AWS::WorkSpacesWeb::NetworkSettings
    Properties:
      VpcId: !Ref MyVPC
      SecurityGroupIds:
        - !Ref WebSG
      SubnetIds:
        - !Ref PublicSubnet1
        - !Ref PublicSubnet2
  Portal:
    Type: AWS::WorkSpacesWeb::Portal
    Properties:
      AuthenticationType: IAM_Identity_Center
      DisplayName: Workspace
      UserSettingsArn: !Ref UserSettings
      BrowserSettingsArn: !Ref BrowserPolicy
      NetworkSettingsArn: !Ref NetworkSettings
  UserSettings:
    Type: AWS::WorkSpacesWeb::UserSettings
    Properties:
      CopyAllowed: !Ref CopyAllowedParameter
      DisconnectTimeoutInMinutes: !Ref DisconnectTimeoutParameter
      DownloadAllowed: !Ref DownloadAllowedParameter
      IdleDisconnectTimeoutInMinutes: !Ref IdleDisconnectTimeoutParameter
      PasteAllowed: !Ref PasteAllowedParameter
      PrintAllowed: !Ref PrintAllowedParameter
      UploadAllowed: !Ref UploadAllowedParameter
      CookieSynchronizationConfiguration:
        Allowlist:
          - Domain: !Ref CookieDomainParameter
          - Name: microsoftonline
          - Path: /
  BrowserPolicy:
    Type: AWS::WorkSpacesWeb::BrowserSettings
    Properties:
      BrowserPolicy: !Sub |
        {
          "chromePolicies": {
            "ManagedBookmarks": {
              "value": []
            },
            "BookmarkBarEnabled": {
              "value": false
            },
            "RestoreOnStartup": {
              "value": 4
            },
            "RestoreOnStartupURLs": {
              "value": [
                "https:/example.com/"
              ]
            },
            "URLBlocklist": {
              "value": []
            },
            "URLAllowlist": {
              "value": []
            },
            "AllowDeletingBrowserHistory": {
              "value": true
            },
            "IncognitoModeAvailability": {
              "value": 0
            }
          }
        }
Outputs:
  NetworkSettingsArn:
    Description: The ARN of the network settings
    Value: !Ref NetworkSettings
    Export:
      Name: NetworkSettingsArn`
Tolu
answered a month ago
  • Ensure the template follows this format: Format.

  • what part?

    could you be more specific ? format link doesn't work

  • Sorry, you're right. Try to validate the template again using this format.

          CookieSynchronizationConfiguration:
            Allowlist:
              - Domain: !Ref CookieDomainParameter
                Name: "microsoftonline"
                Path: "/"
  • Resource handler returned message: "null" (RequestToken: 1db9c942-3b1e-d0dc-ff90-e186ac702138, HandlerErrorCode: InternalFailure)

  • When you pass the Domain without referencing (!Ref CookieDomainParameter), you still get this error: Resource handler returned message: "null" (RequestToken: 1db9c942-3b1e-d0dc-ff90-e186ac702138, HandlerErrorCode: InternalFailure)?

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions