Description of problem: We have added IAM role assignment to a template and received the CAPABILITY_IAM error. # EITHER aws-sdk gem that is used for an orchestration template deployment and doesn't included option for CAPABILITY_IAM settings OR cloudForms doesn't handle IAM role assignment properly. ////////////////////////// ERROR -- : Q-task_id([service_template_provision_task_2000000000716]) MiqAeServiceModelBase.ar_method raised: <MiqException::MiqOrchestrationProvisionError>: <Requires capabilities : [CAPABILITY_IAM]> We have tested to deploy the same template outside of Cloudforms via the AWS Command Line successfully. You can specify -capabilities CAPABILITY_IAM parameter in command line. How can we specify it in Cloudforms? command example: C:\>aws cloudformation create-stack --stack-name CloudFormationSandbox --templat e-body file://C:\AWS\CloudFormsTemplate.template --parameters ParameterKey=KeyNa me,ParameterValue=opssun ParameterKey=AppCode,ParameterValue=mdt ParameterKey=Ap pLayer,ParameterValue=web ParameterKey=ENV,ParameterValue=dev ParameterKey=ADZon e,ParameterValue=SunOps-EBZAWS-DEV ParameterKey=ADdomain,ParameterValue=ohs.xxx xxx.com --output text --capabilities CAPABILITY_IAM Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
New commit detected on ManageIQ/manageiq-providers-amazon/master: https://github.com/ManageIQ/manageiq-providers-amazon/commit/421d1706def8992d625664cbe2d34ed36dc958a9 commit 421d1706def8992d625664cbe2d34ed36dc958a9 Author: Bill Wei <bilwei> AuthorDate: Mon Nov 28 17:10:21 2016 -0500 Commit: Bill Wei <bilwei> CommitDate: Fri Dec 2 17:46:51 2016 -0500 Support all options to create orchestration stacks Now accept all options that Cloudformation recognizes while creating a stack https://bugzilla.redhat.com/show_bug.cgi?id=1385712 .../orchestration_service_option_converter.rb | 56 ++++++++++++- .../orchestration_service_option_converter_spec.rb | 93 ++++++++++++++++++++++ 2 files changed, 145 insertions(+), 4 deletions(-) create mode 100644 spec/models/manageiq/providers/amazon/cloud_manager/orchestration_service_option_converter_spec.rb
With the above code enhancement we now support all Cloudformation stack options. Our old auto-generated service dialog only have two options namely on_failure and timeout_in_minutes. In order to test additional options user will need to manually add component to accept input from UI with the following hardcoded field name stack_notifications - a text area box, each line is an ARN stack_capabilities - a drop down list for capabilities stack_resource_types - a text area box, each line is an allowed resource type filter stack_role - a text box for the role ARN stack_policy - a text area box for the JSON formatted policy, or just the policy URL stack_tags - a text area box, each line is one tag key and value pair, in the format key => value For upstream we will update the service dialog generation tool to include inputs for these new options. It will not be ported to existing downstreams; they will need to be manually added.
Fixed in 5.8.0.12-rc1.20170425180304_4f35996