I am creating a cloudformation template that creates a stack, layers and applications. The applications have a database configuration as Datasources :
"AdminApp": {
"Type": "AWS::OpsWorks::App",
"Properties": {
"AppSource" : {
"Type" : "git",
"Url" : "git://github.com:myrepo/adminapp.git",
"Revision" : "master"
},
"DataSources":[{
"Arn" : { "Ref" : "RegisterRDStoStack" },
"DatabaseName" : "fadmin",
"Type" : "RdsDbInstance"
}],
"Description": "Administration",
"Name" : "admin-api",
"Shortname" : "admin_api",
"StackId" : {"Ref": "Stack"},
"Type" : "php"
}
},
The database in the property Datasources sould be registered first to the stack so that the applications can have access to it. As AWS didn't implement yet the creation of an RDS layer in the opsworks stack by using Cloudformation, so I created a CustomResource as a workaround :
"RegisterRDStoStack" : {
"Type": "Custom::RDSLayer",
"Version" : "1.0",
"Properties" : {
"ServiceToken": {"Ref" : "RDSInstanceARN"},
"StackId" : {"Ref" : "Stack" },
"User" : {"Ref" : "UserDB" },
"Password" : {"Ref" : "PasswordDB" }
}
},
When testing the template I get this error :
CREATE_FAILED Custom::RDSLayer RegisterRDStoStack Invalid service token
So it seems that there is an error, but don't know what exactly. I properly provided the ARN of the database. What Am I supposed to do to make this work please? Any idea ?
You need to provide the ARN of the Lambda function (e.g., {"Ref": "MyLambdaFunction"}) as the ServiceToken parameter for a Custom Resource. See the documentation for ServiceToken:
The service token that was given to the template developer by the service provider to access the service, such as an Amazon SNS topic ARN or Lambda function ARN. The service token must be from the same region in which you are creating the stack.