udondan/cfn-teleport

Error: "Unable to proceed, because the template is invalid: unhandled error"

rene84 opened this issue · 1 comments

First of all, thank you very much for writing this tool. If it works as advertised, it will be an absolute life-saver for us.

I am unfortunately not versed in Rust (Java/TS background); otherwise I would've probably been able to debug this myself.

We are seeing the following error:

    cfn-teleport --source reconciliation-dev-tables --target reconciliation-dev-reconciliation-service --resource ReconciliatonDetailsTable --resource SettlementDetailsTable --yes
    The following resources will be moved from stack reconciliation-dev-tables to reconciliation-dev-reconciliation-service:
      AWS::DynamoDB::Table    ReconciliatonDetailsTable    reconciliation-dev-details
      AWS::DynamoDB::Table    SettlementDetailsTable       reconciliation-dev-settlement-details
    Error: "Unable to proceed, because the template is invalid: unhandled error"

Using AWS_REGION and AWS_PROFILE to guide the AWS credentials chain. The profile is using AWS SSO (not sure this is relevant because I don't suspect a permissions issue here).

How can I convince cfn-teleport to share moar debugging information with me?
Can this be related to dependencies between resources within the source stack?

Edit: thinking about this some more and reading through the code, it might be that having exports in the source stack can cause the new template to be invalid after cfn-teleport attempts to remove the resources from the source stack. I don't see any code that looks up the exports to remove them together with the resource.

Ok, I learned a lot about how cfn-teleport works by printing the template in this error clause:

    for template in vec![
        template_retained.clone(),
        template_removed.clone(),
        template_target.clone(),
        template_target_with_deletion_policy.clone(),
    ] {
        let template_json = &template.clone();
        let result = validate_template(&client, template).await;
        if result.is_err() {
            println!("{}", template_json);
            return Err(format!(
                "Unable to proceed, because the template is invalid: {}",
                result.err().unwrap()
            )
            .into());
        }
    }

A few things that prevent me from moving my resource:

  • The resource is referenced in the exports. This breaks the teleporting because the resulting source template is invalid since the dependency is gone.
  • The resource uses parameters. This also breaks the teleporting because cfn-teleport doesn't copy the parameter values from the source stack when executing the change set to remove the resource from the source stack.
  • The resource uses parameters. This breaks because that parameter MUST also be present in the target template; otherwise the target stack is invalid (parameter not found).

I will now try to change the resources in my source template to not use any parameters.
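A pre-flight check for the blockers listed in the comment above, as an added example that is not part of the thread or of cfn-teleport's own code. It assumes the source template is available as JSON; `refs`, `move_blockers`, the `Stage` parameter, the `DetailsTableArn` output and the sample template are all constructed for illustration.

```python
import json
import re

SUB_VAR = re.compile(r"\$\{([^!}][^}]*)\}")  # ${Name} or ${Name.Attr}, not ${!Literal}

def refs(node):
    """Yield every logical ID or parameter name a template fragment refers to."""
    if isinstance(node, list):
        for item in node:
            yield from refs(item)
    elif isinstance(node, dict):
        for key, val in node.items():
            if key == "Ref" and isinstance(val, str):
                yield val
            elif key == "Fn::GetAtt":  # ["Id", "Attr"] or "Id.Attr"
                yield val[0] if isinstance(val, list) else val.split(".")[0]
            elif key == "Fn::Sub":  # plain string, or [string, {local variables}]
                text, local = (val, {}) if isinstance(val, str) else (val[0], val[1])
                for name in SUB_VAR.findall(text):
                    if name not in local:
                        yield name.split(".")[0]
                yield from refs(local)
            else:
                yield from refs(val)

def move_blockers(template, moving):
    """Outputs that reference the moved resources, and parameters those resources use."""
    moving, params = set(moving), set(template.get("Parameters", {}))
    outputs = sorted(name for name, out in template.get("Outputs", {}).items()
                     if moving & set(refs(out)))
    used = sorted({r for rid in moving
                   for r in refs(template["Resources"][rid]) if r in params})
    return {"outputs": outputs, "parameters": used}

# Constructed sample: trimmed source template, not taken from the issue.
SAMPLE = json.loads("""{
  "Parameters": {"Stage": {"Type": "String"}},
  "Resources": {
    "ReconciliatonDetailsTable": {"Type": "AWS::DynamoDB::Table",
      "Properties": {"TableName": {"Fn::Sub": "reconciliation-${Stage}-details"}}},
    "SettlementDetailsTable": {"Type": "AWS::DynamoDB::Table",
      "Properties": {"TableName": "reconciliation-dev-settlement-details"}}
  },
  "Outputs": {
    "DetailsTableArn": {"Value": {"Fn::GetAtt": ["ReconciliatonDetailsTable", "Arn"]},
      "Export": {"Name": "details-table-arn"}}
  }
}""")

if __name__ == "__main__":
    print(move_blockers(SAMPLE, ["ReconciliatonDetailsTable", "SettlementDetailsTable"]))
```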