AWS Stack Update Error: Feature Required: [CAPABILITY_IAM]

Question

AWS Stack Update Error: Feature Required: [CAPABILITY_IAM]

When creating a stack with CloudFormation, I get this error:

Stack update error: Requires capabilities : [CAPABILITY_IAM]

I cannot find a template to add CAPABILITIES_IAM to the CloudFormation configuration.

+6

amazon-web-services amazon-cloudformation

Eric Nord Dec 20 '16 at 15:42

source share

2 answers

If you use the AWS CLI, you can add an additional parameter to the aws cloudformation create-stack command, which explicitly states that you want to provide these features.

(this is the CLI equivalent for flagging in another answer here).

The parameter is --capabilities CAPABILITY_IAM , so your command will look like this:

aws cloudformation create-stack --stack-name $STACK_NAME --capabilities CAPABILITY_IAM

Hope that helps

+2

gsaslis Dec 21 '16 at 11:34

source share

Eric Nord · Accepted Answer · 2016-12-20T15:45:12+0000

Turns out you need to check the box on the last screen to create the stack | update:

In CodePipeline CloudFormation, you can add it to allow the created change_set to be executed in the deployment action:

 Configuration: StackName: !Ref GitHubRepository ActionMode: CHANGE_SET_REPLACE Capabilities: CAPABILITY_NAMED_IAM RoleArn: arn:aws:iam::818272543125:role/events-list-codepiplinerole ChangeSetName: !Join ["",[!Ref GitHubRepository, "-changeset"]] TemplatePath: MyAppBuild::sam_post.yaml

In aws cli append

 --capabilities CAPABILITY_IAM

or

 --capabilities CAPABILITY_NAMED_IAM

To your team:

 aws cloudformation create-stack --stack-name message-store --template-body file://bucket_with_keys.yaml --parameters file://cfg_bucket_with_keys.json --capabilities CAPABILITY_NAMED_IAM

This does not apply to the cloudformation --validate pattern, since it does not actually create resources.

AWS Stack Update Error: Feature Required: [CAPABILITY_IAM]

More articles: