cfn-language-discussion icon indicating copy to clipboard operation
cfn-language-discussion copied to clipboard

Published 20 hours ago verified publisher icon aws-cloudformation

ChangeSet creation failure with {{IntrinsicFunction:(stack_name)//Fn::ImportValue}} is not allowed.

Open mrlikl opened this issue 1 year ago • 1 comments

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Tell us about the bug

What goes wrong? Please describe the issue in as much detail as possible.

When a nested stack is referencing a parameter that is passed from the root/parent stack as intrinsic functions, a similar error Usage of {{IntrinsicFunction:stack_name//Fn::ImportValue}} is not allowed. Usage of {{IntrinsicFunction:stack_name/logical_idFn::GetAtt}} is not allowed. is occurring

Expected behavior

Change set to be successfully create

Observed behavior

Change set failure with the error

Test cases

Please include a minimal CloudFormation template here that reproduces the issue

Create a stack with simple S3 bucket

root.yml

AWSTemplateFormatVersion: "2010-09-09"
Resources:
  RootS3Bucket:
    Type: AWS::S3::Bucket

Create change set with a nested stack like below -

root.yml

AWSTemplateFormatVersion: "2010-09-09"
Resources:
  TestRule:
    Type: AWS::CloudFormation::Stack
    Properties:
      TemplateURL: nested.yml
      Parameters:
        TagValue: !GetAtt RootS3Bucket.Arn
  RootS3Bucket:
    Type: AWS::S3::Bucket

nested.yml

AWSTemplateFormatVersion: 2010-09-09
Transform: 'AWS::LanguageExtensions'

Parameters:
  TagValue:
    Type: String

Resources:
  'Fn::ForEach::Buckets':
    - Names
    - - Store1
      - Store2
    - '${Names}Bucket':
        Type: 'AWS::S3::Bucket'
        Properties:
          Tags:
            - Key: parameters
              Value: !Ref TagValue

Additional context

Anything else we should know?

mrlikl avatar Dec 29 '23 08:12 mrlikl

I am also seeing this behavior. I believe that the use of Transform: 'AWS::LanguageExtensions' is correlated with the error.

Like you, I have a nested stack whose input parameters are the result of intrinsic functions in the parent stack. I am also using Transform: 'AWS::LanguageExtensions' in order to add Fn::ForEach to a previously-working nested template. Merely adding Transform: 'AWS::LanguageExtensions' to this previously-working nested template causes the illegal usage error described above.

nsmedira avatar Jan 02 '24 18:01 nsmedira