I'm using service managed permission to create_stack_instances for an OU, filtered by intersection of a list of accounts and when i run the command, it gives me an error, Can someone please tell me what's wrong with my code here?
error via cli
Parameter validation failed: Unknown parameter in DeploymentTargets: "AccountFilterType", must be one of: Accounts, AccountsUrl, OrganizationalUnitIds
error via lambda
[ERROR] ParamValidationError: Parameter validation failed: Unknown parameter in DeploymentTargets: "AccountFilterType", must be one of: Accounts, AccountsUrl, OrganizationalUnitIds
lambda code:
def add_stack_to_stackset(StackSetName, accountid):
response = CF.create_stack_instances(
StackSetName=StackSetName,
DeploymentTargets={
'OrganizationalUnitIds': ['ou-blah'],
'Accounts': [accountid],
'AccountFilterType': 'INTERSECTION'
},
Regions=['us-east-1']
)
op_id = response['OperationId']
return op_id
cli code
aws cloudformation create-stack-instances --stack-set-name demo --deployment-targets OrganizationalUnitIds=ou-blah,Accounts=12345,AccountFilterType=INTERSECTION --regions us-east-1
Sometimes ValidationErrors are just bugs or occur when you are using an old version of boto3 - for example, in the newest version of boto3 INTERSECTION is a valid parameter (if you are using this version then it is a bug...).
You can always disable request validation:
Disable parameter validation (default is true, parameters are validated). This is a Boolean value that is either true or false. Whenever you make an API call using a client, the parameters you provide are run through a set of validation checks, including (but not limited to) required parameters provided, type checking, no unknown parameters, minimum length checks, and so on. Typically, you should leave parameter validation enabled.