A command-line tool for validating CloudFormation templates quickly.
CloudFormation is great. Unfortunately, the error handling leaves a bit to be desired.
The AWS CLI provided
validate-template
command only
checks your
syntax, not the actual resources, their properties, etc. This means you can think you're successfully creating a new stack, and still get a CREATE_FAIL
. This tool aims to give you quick feedback so you spend less time banging your head against the CloudFormation Console.
npm install -g cfn-check
Usage: cfn-check [options] <template>
Options:
-h, --help output usage information
-V, --version output the version number
-w, --watch Watch template for changes
-p, --pretty Print pretty JSON when valid (regardless of character limit)
-c, --compact Print compact JSON when valid (regardless of character limit)
quiet
don't output anything, just set return code.verbose
increase the logging level.
- JSON is valid.
Ref
s are valid parameters, resources, or pseudo parameters.- All Resource
Type
properties are valid Types as defined in the Resource Types Reference, including Custom Resources. - Validate
AWSTemplateFormatVersion
- Enforce presence
cfn-check
only validates <= '2010-09-09'
- Output compact JSON if over character limit (51,200 bytes) or requested
- Validate Intrinsic
Fn
arguments Fn
s can only be used in resource properties, metadata attributes, and update policy attributes.- Validate
Resources
- Properties
- Conditional fields
- Properties
- Error on limit violations e.g. UserData length, template length, number of resources, etc
- TAP output https://testanything.org/tap-specification.html
- Only output errors?
The resource properties definitions are taken from the CloudFormation User Guide Resource Types Reference.
To update the definitions (stored in data/resources.json) run:
npm run scrape
To run the tests:
npm test
To watch them:
npm run test:watch
The template.json used in tests is taken from the sample templates that AWS provides.
- Inline documentation
- Remove all
areValid
tests in favour of CLI-level testing