Adrien Merlier

Reputation: 351

Cloudformation template throws "Encountered unsupported property Statement"

I am trying to construct a CloudFormation template where CloudTrail will store the logs from my VPC in an S3 bucket. When I try to launch the model, I get an "Encountered unsupported property Statement" for the bucket policy.

Here is the JSON I use:

"LogBucketPolicy": {
        "Type": "AWS::S3::BucketPolicy",
        "Properties": {
            "Bucket": {
                "Ref": "LogBucket"
            },
            "Statement": [
                {
                    "Sid": "AWSCloudTrailAclCheck",
                    "Effect": "Allow",
                    "Principal": {
                        "Service": "cloudtrail.amazonaws.com"
                    },
                    "Action": "s3:GetBucketAcl",
                    "Resource": {
                        "Fn::Join": [
                            "",
                            [
                                "arn:aws:s3:::",
                                {
                                    "Ref": "LogBucket"
                                }
                            ]
                        ]
                    }
                },
                {
                    "Sid": "AWSCloudTrailWrite",
                    "Effect": "Allow",
                    "Principal": {
                        "Service": "cloudtrail.amazonaws.com"
                    },
                    "Action": "s3:PutObject",
                    "Resource": {
                        "Fn::Join": [
                            "",
                            [
                                "arn:aws:s3:::",
                                {
                                    "Ref": "LogBucket"
                                },
                                "/AWSLogs/",
                                "XXXXXXXXXXXX",
                                "/*"
                            ]
                        ]
                    },
                    "Condition": {
                        "StringEquals": {
                            "s3:x-amz-acl": "bucket-owner-full-control"
                        }
                    }
                }
            ]
        }
}

This template is taken from an AWS example, therefore I am a bit confused about where I made a mistake.

Upvotes: 2

Views: 16330

Answers (1)

krishna_mee2004

Reputation: 7356

The problem is that for the type AWS::S3::BucketPolicy, the expected properties are Bucket and PolicyDocument. In your template, you don't have PolicyDocument. Instead, you have Statement. That should resolve the issue. CloudFormation template references can be found here.

Bucket policy snippet (that I am referring to) can be found below:

"BucketPolicy" : {
  "Type" : "AWS::S3::BucketPolicy",
  "Properties" : {
    "Bucket" : {"Ref" : "S3Bucket"},
    "PolicyDocument" : {
      "Version": "2012-10-17",
      "Statement": [
        {

Upvotes: 2
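
A pre-deployment check for the mistake discussed above, as an added example that is not part of the original question or answer: it flags any property on an `AWS::S3::BucketPolicy` resource other than `Bucket` and `PolicyDocument`, and moves a misplaced `Statement` under `PolicyDocument`. The function names and the shortened `SAMPLE` template are assumptions made for illustration.

```python
import copy
import json

ALLOWED = {"Bucket", "PolicyDocument"}  # properties the answer names
POLICY_VERSION = "2012-10-17"  # version string used in the answer's snippet


def check_bucket_policies(template):
    """Return (logical_id, property) pairs CloudFormation would reject."""
    findings = []
    for name, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::S3::BucketPolicy":
            continue
        for prop in res.get("Properties", {}):
            if prop not in ALLOWED:
                findings.append((name, prop))
    return findings


def wrap_statements(template):
    """Return a copy where a top-level Statement is moved under PolicyDocument."""
    fixed = copy.deepcopy(template)
    for res in fixed.get("Resources", {}).values():
        props = res.get("Properties", {})
        if res.get("Type") == "AWS::S3::BucketPolicy" and "Statement" in props \
                and "PolicyDocument" not in props:
            props["PolicyDocument"] = {
                "Version": POLICY_VERSION,
                "Statement": props.pop("Statement"),
            }
    return fixed


# Constructed sample: the question's resource, shortened to one statement.
SAMPLE = json.loads("""
{"Resources": {"LogBucketPolicy": {
  "Type": "AWS::S3::BucketPolicy",
  "Properties": {
    "Bucket": {"Ref": "LogBucket"},
    "Statement": [{"Sid": "AWSCloudTrailAclCheck", "Effect": "Allow",
      "Principal": {"Service": "cloudtrail.amazonaws.com"},
      "Action": "s3:GetBucketAcl",
      "Resource": {"Fn::Join": ["", ["arn:aws:s3:::", {"Ref": "LogBucket"}]]}}]
  }}}}
""")

if __name__ == "__main__":
    print(check_bucket_policies(SAMPLE))
    print(json.dumps(wrap_statements(SAMPLE), indent=2))
```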
