cfn-check

1.5.0 • Public • Published

cfn-check

A command-line tool for validating CloudFormation templates quickly.

Overview

CloudFormation is great. Unfortunately, the error handling leaves a bit to be desired.

The AWS CLI provided validate-template command only checks your syntax, not the actual resources, their properties, etc. This means you can think you're successfully creating a new stack, and still get a CREATE_FAIL. This tool aims to give you quick feedback so you spend less time banging your head against the CloudFormation Console.

Installation

npm install -g cfn-check

Usage

Usage: cfn-check [options] <template>

Options:

  -h, --help     output usage information
  -V, --version  output the version number
  -w, --watch    Watch template for changes
  -p, --pretty   Print pretty JSON when valid (regardless of character limit)
  -c, --compact  Print compact JSON when valid (regardless of character limit)

Planned

  • quiet don't output anything, just set return code.
  • verbose increase the logging level.

Checks

  • JSON is valid.
  • Refs are valid parameters, resources, or pseudo parameters.
  • All Resource Type properties are valid Types as defined in the Resource Types Reference, including Custom Resources.
  • Validate AWSTemplateFormatVersion
    • Enforce presence
    • cfn-check only validates <= '2010-09-09'

Planned

  • Output compact JSON if over character limit (51,200 bytes) or requested
  • Validate Intrinsic Fn arguments
  • Fns can only be used in resource properties, metadata attributes, and update policy attributes.
  • Validate Resources
    • Properties
      • Conditional fields
  • Error on limit violations e.g. UserData length, template length, number of resources, etc
  • TAP output https://testanything.org/tap-specification.html
    • Only output errors?

Resource Properties Definitions

The resource properties definitions are taken from the CloudFormation User Guide Resource Types Reference.

To update the definitions (stored in data/resources.json) run:

npm run scrape

Testing

To run the tests:

npm test

To watch them:

npm run test:watch

The template.json used in tests is taken from the sample templates that AWS provides.

To Do

  • Inline documentation
  • Remove all areValid tests in favour of CLI-level testing

install

npm i cfn-check

Downloadsweekly downloads

2

version

1.5.0

license

ISC

last publish

collaborators

  • avatar
Report a vulnerability