Aws-sam-cli: SAM deploy --guided using the provided default CAPABILITY_IAM fails to produce changeset

Created on 5 Mar 2020  路  4Comments  路  Source: aws/aws-sam-cli

Description

While using SAM deploy --guided using the provided default CAPABILITY_IAM fails to produce a changeset. You are required to type CAPABILITY_IAM

Steps to reproduce

From terminal:
sam init
cd sam-app
sam build
sam deploy --debug --guided

Set "Allow SAM CLI IAM role creation" to n.
Hit enter to use default [CAPABILITY_IAM].

Observed result

Configuring SAM deploy
======================

        Looking for samconfig.toml :  Not found

        Setting default arguments for 'sam deploy'
        =========================================
        Stack Name [sam-app]: 
        AWS Region [us-east-1]: 
        #Shows you resources changes to be deployed and require a 'Y' to initiate deploy
        Confirm changes before deploy [y/N]: y
        #SAM needs permission to be able to create roles to connect to the resources in your template
        Allow SAM CLI IAM role creation [Y/n]: n
        Capabilities [CAPABILITY_IAM]: 
        Save arguments to samconfig.toml [Y/n]: y

        Looking for resources needed for deployment: Found!

                Managed S3 bucket: aws-sam-cli-managed-default-samclisourcebucket-test
                A different default S3 bucket can be set in samconfig.toml

        Saved arguments to config file
        Running 'sam deploy' for future deployments will use the parameters saved above.
        The above parameters can be changed by modifying samconfig.toml
        Learn more about samconfig.toml syntax at 
        https://docs.aws.amazon.com/serverless-application-model/latest/developerguide/serverless-sam-cli-config.html

        Deploying with following values
        ===============================
        Stack name                 : sam-app
        Region                     : us-east-1
        Confirm changeset          : True
        Deployment s3 bucket       : aws-sam-cli-managed-default-samclisourcebucket-1oye48gh3rs9h
        Capabilities               : "CAPABILITY_IAM"
        Parameter overrides        : {}

Initiating deployment
=====================
  File with same data is already exists at sam-app/c3c05c5eeade4ecc8d7d3e67de6767fc. Skipping upload
Stack with id sam-app does not exist
File with same data is already exists at sam-app/571d58bd369d3598f3ac86b68beee07d.template. Skipping upload
Unable to create changeset
Traceback (most recent call last):
  File "/usr/local/Cellar/aws-sam-cli/0.43.0/libexec/lib/python3.7/site-packages/samcli/lib/deploy/deployer.py", line 186, in _create_change_set
    resp = self._client.create_change_set(**kwargs)
  File "/usr/local/Cellar/aws-sam-cli/0.43.0/libexec/lib/python3.7/site-packages/botocore/client.py", line 316, in _api_call
    return self._make_api_call(operation_name, kwargs)
  File "/usr/local/Cellar/aws-sam-cli/0.43.0/libexec/lib/python3.7/site-packages/botocore/client.py", line 599, in _make_api_call
    api_params, operation_model, context=request_context)
  File "/usr/local/Cellar/aws-sam-cli/0.43.0/libexec/lib/python3.7/site-packages/botocore/client.py", line 647, in _convert_to_request_dict
    api_params, operation_model)
  File "/usr/local/Cellar/aws-sam-cli/0.43.0/libexec/lib/python3.7/site-packages/botocore/validate.py", line 297, in serialize_to_request
    raise ParamValidationError(report=report.generate_report())
botocore.exceptions.ParamValidationError: Parameter validation failed:
Invalid type for parameter Capabilities, value: CAPABILITY_IAM, type: <class 'str'>, valid types: <class 'list'>, <class 'tuple'>
Sending Telemetry: {'metrics': [{'commandRun': {'awsProfileProvided': True, 'debugFlagProvided': True, 'region': 'us-east-1', 'commandName': 'sam deploy', 'duration': 11937, 'exitReason': 'ChangeSetError', 'exitCode': 1, 'requestId': '07395376-0c5d-4b4f-84f3-52ef9f6ca557', 'installationId': '8c98f7bf-6f6a-461e-8c61-bd918735bd6c', 'sessionId': '86409618-cb6d-4d13-a8c2-9ace6ff32f95', 'executionEnvironment': 'CLI', 'pyversion': '3.7.6', 'samcliVersion': '0.43.0'}}]}
HTTPSConnectionPool(host='aws-serverless-tools-telemetry.us-west-2.amazonaws.com', port=443): Read timed out. (read timeout=0.1)
Error: Failed to create changeset for the stack: sam-app, Parameter validation failed:
Invalid type for parameter Capabilities, value: CAPABILITY_IAM, type: <class 'str'>, valid types: <class 'list'>, <class 'tuple'>

Expected result

Expected to use default CAPABILITY_IAM and deploy appropriately.

Additional environment details (Ex: Windows, Mac, Amazon Linux etc)

  1. OS: MacOS
  2. sam --version: 0.43.0
stagwaiting-for-release typbug
Source
picture leftfieldhero
👍1

All 4 comments

I'm getting similar error and using sam 0.40.0 on MacOS.

I don't understand why we need to select a value for Capabilities when we say we don't want to allow role creation. It seems like there is no way to prevent "Capabilities" from being passed without a value.

jdonboch picture jdonboch on 5 Mar 2020

It seems like there is no way to prevent "Capabilities" from being passed without a value.

I actually need the capabilities to be used but the default doesn't work correctly without typing it in.

leftfieldhero picture leftfieldhero on 5 Mar 2020

I actually need the capabilities to be used but the default doesn't work correctly without typing it in.

Playing with this more, I discovered if you save the deployment config to the toml file, when you run "sam deploy" after the failure it appears to work fine. So it works fine from the .toml file but not during the initial --guided.

jdonboch picture jdonboch on 5 Mar 2020
👍1

Released in v0.45.0.

Closing

jfuss picture jfuss on 24 Mar 2020
🎉1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

chestongo picture chestongo  路  3Comments
cmccoypdx picture cmccoypdx  路  3Comments
debuggins picture debuggins  路  4Comments
Inkromind picture Inkromind  路  4Comments
Caian picture Caian  路  3Comments