Aws-cdk: Compatibility with cfn-lint

Created on 5 Dec 2019  路  2Comments  路  Source: aws/aws-cdk

:question: General Issue

Compatibility with cfn-lint checks

The CloudFormation templates generated by CDK do not follow all the conventions specified by the cfn-lint repository.

Specifically, we notice that W2001 (Check if Parameters are Used) and I1022 (Use Sub instead of Join) are commonly violated by CDK-generated templates.

Suggestions for solutions:

  1. Change the way CDK synthesizes parameters and string-interpolations to match the conventions in cfn-lint
  2. Add a Metadata entry to templates synthesized by CDK that will exclude the template from certain cfn-lint checks
@aws-cdcore efformedium feature-request managemendevenv
Source
picture jonathanmorley
👍4

All 2 comments

Closing for now

eladb picture eladb on 17 Aug 2020
😕3

cfn-lint rule results from linting a bunch of CDK-generated templates:

aws-cdk $ find . -name "*expected.json" | xargs cfn-lint --include-checks I --include-experimental | grep -Eo '^[EWI][0-9]+' | sort | uniq -c | sort -nr
1283 I1022 # suggesting sub instead of join
 433 W3010 # hardcoded availability zones
 425 E2510 # invalid availability zones
 311 W3005 # unnecessary DependsOn
 112 W2001 # unused Parameter
  77 I3011 # UpdateReplacePolicy/DeletionPolicy missing on stateful resource types
  12 E0000 # Template needs to be an object ([ ] around the whole .json template)
  11 W2506 # AWS::EC2::Image::Id Parameter type
   7 E3012 # CloudFormation typecasts: https://github.com/aws-cloudformation/cfn-python-lint/issues/547
   6 W3011 # only one of UpdateReplacePolicy/DeletionPolicy set
   5 W2501 # hardcoded sensitive properties
   2 E1024 # Fn::Cidr typecasts
   1 E3030 # AllowedValues
   1 E3002 # https://github.com/aws-cloudformation/cfn-python-lint/issues/1577
   1 E1027 # ssm-secure dynamic reference unsupported type: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-ssm-secure-strings
   1 E1020 # Ref as name of output
   1 E0002 # Unknown exception while processing rule W1001: unhashable type: 'dict_node' (Ref as name of output)
PatMyron picture PatMyron on 27 Nov 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

artyom-melnikov picture artyom-melnikov  路  3Comments
PaulMaddox picture PaulMaddox  路  3Comments
schof picture schof  路  3Comments
ababra picture ababra  路  3Comments
nzspambot picture nzspambot  路  3Comments