while parsing a block collection
CloudFormation / YAML error I haven’t seen recently
What happened was that I was trying to add an Fn::ForEach to add statements to a KMS key policy for a list of services.
The error is misleading because it is reported both at the point where the list of statements starts and at the point where the Fn::ForEach started.
There was no problem with the point where the list started. I had been using that for a while. The problem was this: I inserted the Fn::ForEach without making it a list item, like this:
- Sid: Decrypt
  Effect: Allow
  Principal:
    AWS:
      !Ref DecryptArnParam
  Action:
    - 'kms:Decrypt'
    - 'kms:DescribeKey'
    - !If
      - CreateGrantAllowed
      - 'kms:CreateGrant'
      - !Ref AWS::NoValue
  Condition:
    !If
      - ServiceIsSecretsManager
      -
        "StringEquals":
          "kms:ViaService"…
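
The mistake described above, as an added example (not code from the original post): a small Python lint that returns both positions the parser error points at, the line where the list opens and the line that should have started with `- `. The template fragments and the loop name `Services` are constructed for illustration, and the check is a heuristic for block-style, space-indented YAML only (no block scalars or flow collections).

```python
# Constructed fragments (not from the post); the loop name "Services" is hypothetical.
BROKEN = """\
Statement:
  - Sid: Decrypt
    Effect: Allow
  Fn::ForEach::Services:
    - ServiceName
"""
FIXED = """\
Statement:
  - Sid: Decrypt
    Effect: Allow
  - Fn::ForEach::Services:
      - ServiceName
"""

def find_unmarked_siblings(text):
    """Return (list_start_line, offending_line) pairs, 1-based.

    A pair means: a line sits at the column of an open list's dashes
    but is not itself a list item.
    """
    findings = []
    stack = []   # open lists: (dash_column, start_line, flush_with_parent_key)
    prev = None  # (key_column, text) of the previous content line
    for number, raw in enumerate(text.splitlines(), 1):
        body = raw.strip()
        if not body or body.startswith("#"):
            continue
        indent = len(raw) - len(raw.lstrip(" "))
        is_item = body == "-" or body.startswith("- ")
        while stack and indent < stack[-1][0]:
            stack.pop()  # a dedent closes inner lists
        if is_item:
            if not stack or stack[-1][0] != indent:
                # YAML allows a list at the same column as its parent key.
                flush = prev is not None and prev[0] == indent and prev[1].endswith(":")
                stack.append((indent, number, flush))
        elif stack and stack[-1][0] == indent:
            if stack[-1][2]:
                stack.pop()  # next key of the parent mapping, which is valid
            else:
                findings.append((stack[-1][1], number))
        rest = body[1:].lstrip(" ") if is_item else body
        prev = (indent + len(body) - len(rest), body)
    return findings

if __name__ == "__main__":
    for start, line in find_unmarked_siblings(BROKEN):
        print(f"list opened on line {start}; line {line} is missing '- '")
```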