An attempt to write a json schema (http://json-schema.org) for AWS Cloudformation.
For now, I'm scraping AWS documentation with PyQuery.
This is not your glossy software.
current state
Many things are validated. Some resource properties are not parsed properly, so their values are not validated.
Preliminary hosted version of the schema can be found at http://fungusakafungus.github.io/cloudformation-jsonschema/v0.4/schema.json
The scraping code is in a miserable state.
how to use
Use ./validate_template.py tests/examples-aws/Rails_Single_Instance.template
to validate cloudformation templates on the command line.
Use schema.json
programmatically to validate complete Cloudformation templates.
Use resource.json
to validate a single resource.
The schema consists of multiple files, schema.json
, resource.json
and basic_types.json
. To resolve JSON pointers ({"$ref": "basic_types.json#/definitions/string"}
) to files on local filesystem, you'll have to use a special resolver. See val.py
for the example.
Use released hosted version with python-jsonschema:
import jsonschema, requests
schema = requests.get('http://fungusakafungus.github.io/cloudformation-jsonschema/v0.4/schema.json').json()
jsonschema.validate(
{'Resources':{}, 'Outputs':{'o':{'Value':'test'}}},
schema
)
how to contribute
Submit false positive/negative issues with valid and invalid templates.
hack the schema:
Create a virtualenv (virtualenv venv; pip install -r requirements.txt
)
You can then scrape AWS documentation for cloudformation resource types and save it as jsonschema:
./create_resource_schema.py resource.json
TODO
- specialized validator (the one which will tell you that this resource type is not known)
- tests with valid and invalid fragments for every feature. See
tests/test_stage1_valid.py
- define a type for a basic cfn value (string, number or function call(Ref, Join) object)
- Fn::Base64
- Condition Functions
- Fn::FindInMap
- Fn::GetAtt
- Fn::GetAZs
- Fn::Join
- Fn::Select
- Ref
- number
- string
- integrate/link schema.json and resource.json
- travis/circleci
- validate resource property types (listed here: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-product-property-reference.html)
- validate attributes (
Metadata
,UpdatePolicy
and others) - make json objects more stable (use more OrderedDict)
- reject unknown resource properties: fungusakafungus#9