New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Requires capabilities : [CAPABILITY_IAM] #51

Closed
avizaviz opened this Issue Jan 2, 2017 · 11 comments

Comments

Projects
None yet
@avizaviz

avizaviz commented Jan 2, 2017

Hi,
I am trying to enable serverless deployment with pipline and cloudformation services but failing to do so due to the following error:

My set of commands was:

c:\StackData\lambda>aws cloudformation package --template-file samTemplate.yml --s3-bucket lambdabiot --output-template-file outputTemplate.yml

Successfully packaged artifacts and wrote output template to file outputTemplate.yml.
Execute the following command to deploy the packaged template
aws cloudformation deploy --template-file c:\StackData\lambda\outputTemplate.yml --stack-name <YOUR STACK NAME>

c:\StackData\lambda>
c:\StackData\lambda>aws cloudformation deploy --template-file c:\StackData\lambda\outputTemplate.yml --stack-name ProdStack
Waiting for changeset to be created..

An error occurred (InsufficientCapabilitiesException) when calling the ExecuteChangeSet operation: Requires capabilities : [CAPABILITY_IAM]

@avizaviz avizaviz changed the title from S3 Error Code: PermanentRedirect. to operation: Requires capabilities : [CAPABILITY_IAM] Jan 2, 2017

@avizaviz avizaviz changed the title from operation: Requires capabilities : [CAPABILITY_IAM] to Requires capabilities : [CAPABILITY_IAM] Jan 2, 2017

@bfreis

This comment has been minimized.

bfreis commented Jan 2, 2017

@sanathkr sanathkr added the question label Jan 3, 2017

@sanathkr

This comment has been minimized.

Collaborator

sanathkr commented Jan 3, 2017

adding --capabilities should solve the problem. Let us know if it doesn't

@sanathkr sanathkr closed this Jan 3, 2017

@avizaviz

This comment has been minimized.

avizaviz commented Jan 4, 2017

Thanks

@manpenaloza

This comment has been minimized.

manpenaloza commented Mar 8, 2018

I added the --capabilities CAPABILITY_IAM flag, but still get the the "Access denied" message in my console.

Here's the command I executed:

 aws cloudformation deploy \
   --template-file serverless-output.yaml \
   --stack-name prod \
    --capabilities CAPABILITY_IAM

anytihing else that could cause this? thx for your support!

@davidwebstar34

This comment has been minimized.

davidwebstar34 commented Mar 16, 2018

I have the exact same issue when I run create-stack for a cloudformation template that contains IAM policies.

aws cloudformation create-stack --stack-name iam-stack --template-body file://./iam.yml --capabilities CAPABILITY_IAM --profile dev

An error occurred (InsufficientCapabilitiesException) when calling the CreateStack operation: Requires capabilities : [CAPABILITY_NAMED_IAM]

@brysontyrrell

This comment has been minimized.

brysontyrrell commented Mar 16, 2018

@davidwebstar34 For you, switch --capabilities CAPABILITY_IAM to --capabilities CAPABILITY_NAMED_IAM. If you're not letting CloudFormation name your IAM resources you need to pass this capability.

@bgkpandurang

This comment has been minimized.

bgkpandurang commented Sep 6, 2018

i was also faced this issue ,fixed it by adding --capabilities CAPABILITY_IAM

@shetty-shruti

This comment has been minimized.

shetty-shruti commented Oct 8, 2018

adding --capabilities CAPABILITY_IAM worked for me too. Thanks

@ktajpuri

This comment has been minimized.

ktajpuri commented Oct 8, 2018

adding --capabilities CAPABILITY_IAM fixed the issue for me

@piyushchordia

This comment has been minimized.

piyushchordia commented Oct 10, 2018

Add --capabilities CAPABILITY_NAMED_IAM
This should fix the issue

@C-Kenny

This comment has been minimized.

C-Kenny commented Nov 21, 2018

Thanks @piyushchordia, CAPABILITY_NAMED_IAM worked for me also.

I ended up with a command like:

AWS_DEFAULT_PROFILE=role_name aws cloudformation create-stack --stack-name stack_name --template-url s3_url/template file --parameters file:///local_params.json --capabilities CAPABILITY_NAMED_IAM
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment