AWS: A client error (InsufficientCapabilitiesException) — Requires capabilities : [CAPABILITY_IAM]

Автор: | 08/19/2016
 

aws-logo-square-02Во время запуска CloudFormation с шаблонов, в который включён ресурс AWS::IAM::User — ошибка:

$ aws cloudformation create-stack --stack-name SwarmSetup1 --template-body file:////home//setevoy//PycharmProjects//Swarm-cluster/SwarmVPC.template

A client error (InsufficientCapabilitiesException) occurred when calling the CreateStack operation: Requires capabilities : [CAPABILITY_IAM]

Описание ресурса выглядит так:

...
    "CfnUser" : {
      "Type": "AWS::IAM::User",
      "Properties": {
        "Path": "/",
        "Policies": [
          {
            "PolicyName": "root",
            "PolicyDocument": {
              "Statement": [
                {
                  "Effect": "Allow",
                  "Action": "cloudformation:DescribeStackResource",
                  "Resource": "*"
                }
              ]
            }
          }
        ]
      }
    },
...

Решение — добавить параметр --capabilities CAPABILITY_IAM:

$ aws cloudformation create-stack --stack-name SwarmSetup1 --template-body file:////home//setevoy//PycharmProjects//Swarm-cluster/SwarmVPC.template  --capabilities CAPABILITY_IAM
{
    "StackId": "arn:aws:cloudformation:eu-west-1:264418146286:stack/SwarmSetup1/d60abb30-6469-11e6-8e03-50a686326036"
}

Готово.