Lambda SAM deploy giving error 'EC2DescribePolicy' at 'policyArn' failed to satisfy constraint: Member must have length greater than or equal to 20
I'm using AWS SAM to deploy a Lambda using cloudformation. The lambda uses the StartInstancesCommand,StopInstancesCommand and DescribeInstancesCommand api to turn instances on and off on schedule.
Using both the EC2DescribePolicy or EC2FullAccessPolicy SAM policy templates, I have been encountering the following error on:
sam deploy
1 validation error detected: Value 'EC2DescribePolicy' at 'policyArn' failed to satisfy constraint: Member must have length greater than or equal to 20 (Service: AmazonIdentityManagement; Status Code: 400; Error Code: ValidationError;
How can I fix this error? Do I have to specify 'policyArn' manually?
My template.yaml:
AWSTemplateFormatVersion: "2010-09-09"
Transform: AWS::Serverless-2016-10-31
Description: >
test-function
Resources:
TestFunction:
Type: AWS::Serverless::Function
Properties:
CodeUri: test-function/
Handler: app.lambdaHandler
Runtime: nodejs16.x
MemorySize: 512
Timeout: 60
Policies:
- AWSLambdaBasicExecutionRole
- AWSLambdaVPCAccessExecutionRole
- EC2DescribePolicy
Architectures:
- x86_64
Events:
ScheduledEvent:
Type: Schedule
Properties:
Schedule: cron(0 8 * * ? *)
Enabled: True
Version information:
$ sam --version
SAM CLI, version 1.60.0
$ node --version
v16.17.0
$ docker --version
Docker version 20.10.17, build 100c701
$ python3 --version
Python 3.9.6
The documentation states:
For every policy template you specify in your AWS SAM template file, you must always specify an object containing the policy template's placeholder values. If a policy template does not require any placeholder values, you must specify an empty object.
So you should have:
Policies:
- AWSLambdaBasicExecutionRole
- AWSLambdaVPCAccessExecutionRole
- EC2DescribePolicy : {}
- What is the best way of getting files from AWS S3, inserting them into zip and uploading that zip to the bucket?
- Is there any API available for AWS Pricing Calculator
- Append data to an S3 object
- How to handle UnprocessedItems using AWS JavaScript SDK (dynamoDB)?
- How to configure AWS Application Load Balancer to point to multiple ports on the same server
- How to query AWS DynamoDb using GSI Index and FilterExpression
- How to make MSCK REPAIR TABLE execute automatically in AWS Athena
- How to add 'Super' privileges to the Aurora database?
- AWS Elasticache -- How to flush node from console?
- Delete Files when using CloudFront
- zsh: parse error near `\n' when Adding AWS keys as environment variables
- How do I execute a BatchWriteCommand from Lambda to DynamoDB using the @aws-sdk/lib-dynamodb package?
- AWS Deployment Failed due to "HEALTH_CONSTRAINTS"
- Connection between SSO Permission Set and IAM Role
- Creating IAM user via terraform and upload the secret key and access key in S3 bucket
- Is it possible to share Parameter Store keys in another AWS Account for same region?
- pySpark Hadoop AWS s3 requester-pays.enabled config doesn't work
- Sagemaker SDK on lambda function
- How can I deserialize the incoming AWS Lambda request into a lombok @Value or @Data class?
- Tagging s3 in AWS
- Use AWS services without an AWS account
- how to pass environment variables to an aws batch job definition
- Calculate MD5 from AWS S3 ETag
- AWS S3 and AWS storage gateway
- I want to use boto3 in async function, python
- How to tag Images output by AWS Image Builder Pipeline to include the Image in a Lifecycle Policy
- DynamoDB - Key element does not match the schema
- How to upgrade AWS CLI to the latest version?
- Using Github Relase .zip file for Lambda Function
- Install zip module on php 8.2 amazon linux elastic beanstalk