Wrong SSM parameter #208
Description
Describe the bug
A wrong SSM parameter for the alfred_ssm usage leads to misleading error message,
e.g. in manifest file:
- name: template1
resource_file: templates/template1.template
parameters:- parameter_key: SNSAssociationTopicArn
parameter_value: "$[alfred_ssm_/org/sharedservice/dns/SNSAssociationTopicArn]"
deploy_method: stack_set
deployment_targets:
accounts:- testaccount
regions:
- testaccount
- eu-central-1
- parameter_key: SNSAssociationTopicArn
and /org/sharedservice/dns/SNSAssociationTopicArn does not exist
leads to
botocore.exceptions.ClientError: An error occurred (AccessDeniedException) when calling the GetParameter operation: User: arn:aws:sts:::assumed-role/Customizations-for-ControlTo-StackSetCodeBuildRole-/AWSCodeBuild- is not authorized to perform: ssm:GetParameter on resource: arn:aws:ssm:eu-central-1::* because no identity-based policy allows the ssm:GetParameter action
To Reproduce
Specify a wrong SSM parameter as input for a stack
Expected behavior
The output of the codebuild should report, that the SSM parameter specified in the manifest file does not exist.
Please complete the following information about the solution:
- Version: v2.7.1
- Region: eu-central-1
- Was the solution modified from the version published on this repository? No
- If the answer to the previous question was yes, are the changes available on GitHub?
- Have you checked your service quotas for the services this solution uses? Yes
- Were there any errors in the CloudWatch Logs? No