circular dependency between resources in CloudFormation template

After try some trial for fix template I had found correct way to prevent circular dependency -

`stack operations go through the following order:

1. create ExternalTablesRolesStack
2. create ExternalTableColumnsParser
3. create ExternalTableColumnsParserOnPlaceFileEventPermission
4. create ExternalTablesBucket
5. create WriteWorkingBucketPolicy ExternalTablesBucket comes later than ExternalTableColumnsParser. But old template let ExternalTableColumnsParser to depend on ExternalTablesBucket `

Here is the correct template -

Resources:

  ExternalTablesRolesStack:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: !Sub "${LibStackPath}/roles/template.yaml"

  ExternalTablesBucket:
    # http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html
    Type: AWS::S3::Bucket
    Properties:
      LifecycleConfiguration:
        Rules:
          - Id: LifeCycleRule
            ExpirationInDays: 7
            Status: Enabled

  ExternalTableColumnsParser:
      # http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-function.html
      Type: AWS::Serverless::Function
      Properties:
        Environment:
          Variables:
            Stage: !Ref Stage
        Events:
          OnPlaceFileEvent:
            Type: S3
            Properties:
              Bucket: !Ref ExternalTablesBucket  # must be defined in same template
              Events: s3:ObjectCreated:Put
              Filter:
                S3Key:
                  Rules:
                    - Name: suffix
                      Value: .csv
        Handler: schema_parser.app.lambda_handler
        Role: !GetAtt ExternalTablesRolesStack.Outputs.ServerlessFunctionRole

  WriteWorkingBucketPolicy:
    Type: AWS::IAM::Policy
    Properties:
      PolicyName: AllowWriteInternalBucket
      PolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Action:
              - s3:PutObject
              - s3:DeleteObject
            Resource:
              - !Sub ["arn:aws:s3:::${Name}/*", Name: !Ref ExternalTablesBucket]
      Roles:
        - !GetAtt ExternalTablesRolesStack.Outputs.ServerlessFunctionRoleName

Have a good look at your "DependsOn" statements. They should be used sparingly, only in situations where CloudFormation needs to be told that resource A must be created before resource B or else creation of resource B will fail.

Looking at for example:

  ParameterExternalTablesBucket:
    # http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-parameter.html
    Type: AWS::SSM::Parameter
    DependsOn: ExternalTablesBucket

You shouldn't have a DependsOn here because there is no need for the bucket to exist when you're creating the SSM parameter. You're just setting a string value in the parameter that has no meaning to CloudFormation.

Basically, remove all your DependsOn statements and you'll be able to tell by the CloudFormation errors if it turns out you really need any.

Your ExternalTablesBucket has a DependsOn for WriteWorkingBucketPolicy

Your WriteWorkingBucketPolicy has a Ref to ExternalTablesBucket

Remove the DependsOn under ExternalTablesBucket