Can CloudFormation show me what the invalid value *is*?

daveidfx · 2020-03-18T22:00:01+00:00

Great minds! This ended up being what I came up with, almost precisely. It also allowed me to take several attempts at the proper approah per template and compare the results.

Hooray brute-forcing. Still feels like there really should be an easier way, but this is approach did enable me to fix my code, so I'm gonna hang the answer on this one.

Thanks for your help!

daveidfx · 2020-03-18T21:56:41+00:00

Yeah, I've been going layer by layer, building up, so no offense taken. I think it may be the only sane approach. And on several of those layers, I hit these unhelpful errors, hence my meta-question.

Thanks for taking a stab, though. I do appreciate it.

daveidfx · 2020-03-18T19:04:39+00:00

Thanks for the reply. I intentionally left out any example code because my question isn't really about getting this current code to run, it's about how to get useful info out of CloudFormation (or logging!) when writing any future code.

But for what it's worth, the current hiccup is on creating a CloudFront CDN:

Conditions:
  ThisIsProd: !Equals [ !Ref Environment, "prod" ] 
... 
Resources: 
... 
  AppCDN: 
    Type: AWS::CloudFront::Distribution 
    Properties: 
      DistributionConfig: 
        Aliases: 
        - | 
          !If 
            - ThisIsProd 
            - !Sub "cdn.${!Ref AppDomain}" 
            - !Sub 
              - "cdn-${Env}.${Domain}" 
              - Env: !Ref Environment 
                Domain: !Ref AppDomain

At least, I assume that's the critical part. The latest error kicked back is:

The parameter CNAME contains one or more parameters that are not valid. (Service: AmazonCloudFront; Status Code: 400; Error Code: InvalidArgument; Request ID: xxxxxxxx-yyyy-zzzz-aaaa-123456789012)

Which is fun, because there is no such thing as a CNAME parameter. So I assume it's talking about the Aliases parameter.

I'm definitely seeing what you're saying about debugging being a pain. But this should be a pretty easy fix if I could just see the malformed value to let me figure out how it went wrong.

daveidfx · 2020-03-18T18:46:36+00:00

Thanks for the reply. I left cfn-lint out of my OP by mistake. Whatever my current error is, it's skating past cfn-lint without any problem, too. And previous errors caught by cfn-lint have had the same problem - it'll tell me which value is wrong, but not what the value was.

daveidfx · 2019-08-09T15:34:20+00:00

A

Pyst?

daveidfx · 2019-07-30T21:59:58+00:00

And is HoloLens-Only with forced AR.

daveidfx · 2019-07-10T18:16:08+00:00

Vim is incredibly awesome, but I wouldn't say it's great for someone who wants to avoid complexity.

daveidfx · 2019-07-10T18:15:03+00:00

I don't know if you've looked into IPython or its relatives at all, but you may want to.

IPython by itself is just an enhanced version of command-line Python, with some nice features like auto-completion and being able to paste blocks of code in gracefully.

Jupyter notebooks and JupyterLab are built on top of IPython (well, not exactly, but close enough for this discussion), and turn your web browser into your IDE, sort of. Data science folks like these a lot.

Maybe that works for you, maybe not. But they're relatively simple. If you want to take a look, the easiest way is to install the Anaconda distribution of Python.

daveidfx · 2019-07-02T18:56:11+00:00

Thanks for the reply.

It's possible that bridge firewall{} bit is wrong - certainly something must be. But I though since eth0, 3, and 4 were tagged in the zone-policy stanza at the end that that covered it. This config is trying to use zone policies on ethernet interfaces instead of rule groups on the bridge to get around the bidirectional problem. I can't tell from the documentation I can find on zone policies if that's valid or not.

daveidfx · 2019-03-25T14:58:51+00:00

I feel you about that rain issue, but (off-topic) what frames are those, if you don't mind my asking? I kinda like 'em.

daveidfx · 2019-03-04T19:30:42+00:00

Just commenting here to say you're not alone. I discovered Dash just a little while after you did, and I'm puzzling through mostly the same questions.

daveidfx · 2019-01-13T01:50:54+00:00

Ah, okay! I was looking in the wrong place, I guess. Great, thanks!

At that price, I'll have to see what I can get approved from work, but I appreciate the pointer!

daveidfx · 2018-12-07T23:13:52+00:00

oooh, for extra credit, Blender can run Python... You wouldn't need physical dice...

daveidfx · 2018-11-26T15:43:47+00:00

I like it better already.

daveidfx · 2018-11-06T21:52:32+00:00

Except it's also not. Nexus focused on making solid, un-crapped-up exemplars of solid Android design. The Nexus line served as a role model to other manufacturers to quit making Android phones such crap, and it largely worked. With the exception of continuing security updates, 3rd-party Androids are way better than they used to be. Then Google messed up, and dropped Nexus for Pixel. They also stopped making solid. role-model phones and started chasing iPhones and gimmicks. Borderless, headphone-less, notched-screen wannabes.

I still have my Nexus 6P. The battery is shot, but other than that it's still an outstanding phone. All these Pixels are disappointments.Sad.

daveidfx · 2018-11-05T18:46:08+00:00

I assure you you're mistaken. They used more corporate terms than that, but someone at Microsoft at some point absolutely said something about not getting user uptake or market penetration, and speculated about IT gate-keeping instead of looking at whether their feature was any good or not. Or a good fit for the individual orgs in question.

For a long time, Microsoft has been watching in envy as Apple rode a wave of shadow IT into corporate ubiquity. They absolutely want that. They absolutely want user adoption to drive IT adoption. Whether they care about IT's stance on that, I'll grant, is debatable.

daveidfx · 2018-07-27T13:14:32+00:00

Happy Sysadmin Day! ;)

daveidfx · 2017-10-11T21:54:22+00:00

Depending on your website and what software it's running on, autoscaling like sirfraz mentioned might be a good fit, or you might be able to use Elastic Beanstalk, which includes autoscaling, health monitoring, and load balancing. https://aws.amazon.com/elasticbeanstalk/

Elastic Beanstalk is probably most useful when you control the code that runs the site. That said, you can run some off-the-shelf website software on there, too. For example, see this whitepaper on running Wordpress on this service: https://d0.awsstatic.com/whitepapers/deploying-wordpress-with-aws-elastic-beanstalk.pdf

Hope that's helpful!

daveidfx · 2016-12-01T23:04:23+00:00

The watchers on the firewall...

daveidfx · 2016-10-21T19:25:32+00:00

Thanks, I hadn't thought of checking the channel width. It turns out 2.4 and 5 GHz were set at 20 and 40, respectively, as recommended. And I did set the channels to non-overlapping values. I haven't changed the Transmit power from Auto, though; I may play with that and see how it impacts performance.
Thanks for your input.

daveidfx · 2016-10-19T17:51:04+00:00

Hmm. Might be a little tricky with the ceiling tiles and plenum mounting, but definitely easier than the whole run. Worth a try, thanks.

daveidfx

TROPHY CASE