An attempt to write a json schema (http://json-schema.org) for AWS Cloudformation.
You might be interested in http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-resource-specification.html, which is the official source of machine-readable CloudFormation specification. That is not a JSON Schema in the sense of http://json-schema.org/ but it is comprehensive.
For now, I'm scraping AWS documentation with PyQuery.
This is not your glossy software.
Many things are validated. Some resource properties are not parsed properly, so their values are not validated.
Preliminary hosted version of the schema can be found at http://fungusakafungus.github.io/cloudformation-jsonschema/v0.4/schema.json
The scraping code is in a miserable state.
Use ./validate_template.py tests/examples-aws/Rails_Single_Instance.template
to validate cloudformation templates on the command line.
Use schema.json
programmatically to validate complete Cloudformation templates.
Use resource.json
to validate a single resource.
The schema consists of multiple files, schema.json
, resource.json
and basic_types.json
. To resolve JSON pointers ({"$ref": "basic_types.json#/definitions/string"}
) to files on local filesystem, you'll have to use a special resolver. See val.py
for the example.
Use released hosted version with python-jsonschema:
import jsonschema, requests
schema = requests.get('http://fungusakafungus.github.io/cloudformation-jsonschema/v0.4/schema.json').json()
jsonschema.validate(
{'Resources':{}, 'Outputs':{'o':{'Value':'test'}}},
schema
)
Submit false positive/negative issues with valid and invalid templates.
Create a virtualenv (virtualenv venv; pip install -r requirements.txt
)
You can then scrape AWS documentation for cloudformation resource types and save it as jsonschema:
./create_resource_schema.py resource.json
- specialized validator (the one which will tell you that this resource type is not known)
- tests with valid and invalid fragments for every feature. See
tests/test_stage1_valid.py
- define a type for a basic cfn value (string, number or function call(Ref, Join) object)
- Fn::Base64
- Condition Functions
- Fn::FindInMap
- Fn::GetAtt
- Fn::GetAZs
- Fn::Join
- Fn::Select
- Ref
- number
- string
- integrate/link schema.json and resource.json
- travis/circleci
- validate resource property types (listed here: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-product-property-reference.html)
- validate attributes (
Metadata
,UpdatePolicy
and others) - make json objects more stable (use more OrderedDict)
- reject unknown resource properties: #9