My AWS CloudFormation template for Application load balancer is throwing this error: Failed to retrieve external values. Want help in rectifying this issue. I'm not sure where the error is occuring from. I'm guessing the error might be in the certificate parameter section or the tags, maybe the !Sub value is not taking in the value.
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
Name:
Description: Name of the project
Type: String
EnvironmentName:
Description: Environment of the Application Load balancer
Type: String
PublicSubnet:
Description: Subnet for creating the Application Load balancer
Type: List<AWS::EC2::Subnet::Id>
Vpc:
Description: VPC in which the resources are present
Type: AWS::EC2::VPC::Id
Certificate:
Description: Arn of the ssl certificate for HTTPS listener
Type: AWS::CertificateManager::Certificate::Arn
Resources:
SecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: ALB Security Group
VpcId: !Ref Vpc
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: "80"
ToPort: "80"
CidrIp: "0.0.0.0/0"
- IpProtocol: tcp
FromPort: "443"
ToPort: "443"
CidrIp: "0.0.0.0/0"
Tags:
-
Key: Name
Value: !Sub ${EnvironmentName}-SG
ApplicationLB:
Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer'
Properties:
IpAddressType: ipv4
Name: Test-ALB
Scheme: internet-facing
SecurityGroups:
- !Ref SecurityGroup
Subnets: !Ref PublicSubnet
Tags:
- Key: Name
Value: !Sub ${EnvironmentName}-ALB
Type: application
HTTPSListener:
Type: "AWS::ElasticLoadBalancingV2::Listener"
Properties:
LoadBalancerArn: !Ref ApplicationLB
Port: 443
Protocol: "HTTPS"
SslPolicy: "ELBSecurityPolicy-2016-08"
Certificates:
-
CertificateArn: !Ref Certificate
DefaultActions:
-
Order: 1
Type: "fixed-response"
FixedResponseConfig:
ContentType: "text/plain"
MessageBody: "Please enter proper domain"
StatusCode: "200"
HTTPListener:
Type: "AWS::ElasticLoadBalancingV2::Listener"
Properties:
LoadBalancerArn: !Ref ApplicationLB
Port: 80
Protocol: "HTTP"
DefaultActions:
-
Order: 1
RedirectConfig:
Protocol: "HTTPS"
Port: "443"
Host: "#{host}"
Path: "/#{path}"
Query: "#{query}"
StatusCode: "HTTP_301"
Type: "redirect"
ALBTargetGroup:
Type: 'AWS::ElasticLoadBalancingV2::TargetGroup'
Properties:
HealthCheckIntervalSeconds: 30
HealthCheckTimeoutSeconds: 5
HealthyThresholdCount: 3
Port: 80
Protocol: HTTP
UnhealthyThresholdCount: 5
VpcId: !Ref Vpc
Need clarification.
The error is related to the Type mentioned for the Certificate parameter.
Change it to String as below and pass certificate Arn as the value.
Certificate:
Description: Arn of the ssl certificate for HTTPS listener
Type: String
Sample parameters.json file
[
{
"ParameterKey": "EnvironmentName",
"ParameterValue": "dev"
},
{
"ParameterKey": "Name",
"ParameterValue": "stackoverflow"
},
{
"ParameterKey": "Vpc",
"ParameterValue": "vpc-0e104f6ad273a6648"
},
{
"ParameterKey": "PublicSubnet",
"ParameterValue": "subnet-0c2fc6571a7a6db2e, subnet-05a36fdef379c4fcd"
},
{
"ParameterKey": "Certificate",
"ParameterValue": "arn:aws:acm:us-east-1:111111111111:certificate/11ad06f1-b625-44b2-9797-4ecd81451af2"
}
]