After some trial and error fixing the template, I found the correct way to prevent the circular dependency.

Stack operations go through the following order:
- create ExternalTablesRolesStack
- create ExternalTableColumnsParser
- create ExternalTableColumnsParserOnPlaceFileEventPermission
- create ExternalTablesBucket
- create WriteWorkingBucketPolicy

ExternalTablesBucket comes later than ExternalTableColumnsParser, but the old template let ExternalTableColumnsParser depend on ExternalTablesBucket.

Here is the correct template:
```yaml
Resources:
  ExternalTablesRolesStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: !Sub "${LibStackPath}/roles/template.yaml"
  ExternalTablesBucket:
    # http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html
    Type: AWS::S3::Bucket
    Properties:
      LifecycleConfiguration:
        Rules:
          - Id: LifeCycleRule
            ExpirationInDays: 7
            Status: Enabled
  ExternalTableColumnsParser:
    # http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html
    Type: AWS::Serverless::Function
    Properties:
      Environment:
        Variables:
          Stage: !Ref Stage
      Events:
        OnPlaceFileEvent:
          Type: S3
          Properties:
            Bucket: !Ref ExternalTablesBucket # must be defined in same template
            Events: s3:ObjectCreated:Put
            Filter:
              S3Key:
                Rules:
                  - Name: suffix
                    Value: .csv
      Handler: schema_parser.app.lambda_handler
      Role: !GetAtt ExternalTablesRolesStack.Outputs.ServerlessFunctionRole
  WriteWorkingBucketPolicy:
    Type: AWS::IAM::Policy
    Properties:
      PolicyName: AllowWriteInternalBucket
      PolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Action:
              - s3:PutObject
              - s3:DeleteObject
            Resource:
              - !Sub ["arn:aws:s3:::${Name}/*", Name: !Ref ExternalTablesBucket]
      Roles:
        - !GetAtt ExternalTablesRolesStack.Outputs.ServerlessFunctionRoleName
```
Have a good look at your "DependsOn" statements. They should be used sparingly, only in situations where CloudFormation needs to be told that resource A must be created before resource B or else creation of resource B will fail.
Looking at, for example:

```yaml
ParameterExternalTablesBucket:
  # http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-parameter.html
  Type: AWS::SSM::Parameter
  DependsOn: ExternalTablesBucket
```

You shouldn't have a DependsOn here because there is no need for the bucket to exist when you're creating the SSM parameter. You're just setting a string value in the parameter that has no meaning to CloudFormation.
Basically, remove all your DependsOn statements and you'll be able to tell by the CloudFormation errors if it turns out you really need any.
Your `ExternalTablesBucket` has a DependsOn for `WriteWorkingBucketPolicy`.

Your `WriteWorkingBucketPolicy` has a Ref to `ExternalTablesBucket`.

Remove the DependsOn under `ExternalTablesBucket`.
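
The loop described in this answer (a DependsOn from the bucket to the policy, and a Ref from the policy back to the bucket) can be found mechanically before deploying. The following is an added example, not part of the original thread: a Python check that builds the dependency graph from DependsOn, Ref, Fn::GetAtt and Fn::Sub and reports the resources that can never be created. `TEMPLATE` is a constructed reduction of the thread's two resources in JSON long form, and the function names are hypothetical.

```python
import re

# Constructed sample (CloudFormation JSON long form) with the two resources
# from the answer above; the policy body is reduced to its Resource entry.
TEMPLATE = {"Resources": {
    "ExternalTablesBucket": {"Type": "AWS::S3::Bucket",
                             "DependsOn": "WriteWorkingBucketPolicy"},
    "WriteWorkingBucketPolicy": {"Type": "AWS::IAM::Policy", "Properties": {
        "Resource": {"Fn::Sub": ["arn:aws:s3:::${Name}/*",
                                 {"Name": {"Ref": "ExternalTablesBucket"}}]}}},
}}

def references(node):
    """Names used through Ref, Fn::GetAtt and ${...} inside Fn::Sub."""
    found = set()
    if isinstance(node, list):
        for item in node:
            found |= references(item)
    elif isinstance(node, dict):
        for key, val in node.items():
            if key == "Ref" and isinstance(val, str):
                found.add(val)
            elif key == "Fn::GetAtt":
                found.add(val.split(".")[0] if isinstance(val, str) else val[0])
            else:
                if key == "Fn::Sub":
                    text = val if isinstance(val, str) else val[0]
                    found |= {v.split(".")[0] for v in re.findall(r"\$\{([^!}]+)\}", text)}
                found |= references(val)
    return found

def dependency_graph(template):
    """Map each resource to the resources that must exist before it."""
    res = template["Resources"]
    graph = {}
    for name, body in res.items():
        dep = body.get("DependsOn", [])
        graph[name] = (references(body) | set([dep] if isinstance(dep, str) else dep)) & set(res)
    return graph

def plan(graph):
    """Return (creation order, resources blocked by a dependency cycle)."""
    order, remaining = [], dict(graph)
    while True:
        ready = sorted(n for n, deps in remaining.items() if not deps & remaining.keys())
        if not ready:
            return order, sorted(remaining)
        order += ready
        for n in ready:
            del remaining[n]
```

With the DependsOn in place, `plan(dependency_graph(TEMPLATE))` returns an empty order and both resources as blocked; with it removed, the bucket is ordered before the policy and nothing is blocked.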
Good news! So you removed all the DependsOn as I suggested - please Accept my answer if you have a moment, to help other people find it.