AWS Cloud Formation.Requires capabilities : [CAPABILITY_IAM] (Child Stack)

Solution 1:

I just ran into this issue, my problem was that I did not check the checkbox "I acknowledge that this template might cause AWS CloudFormation to create IAM resources." on the last screen before updating my stack.enter image description here

Solution 2:

If your are using CLI or boto, you can include the "capabilities" parameter. This takes in a list, but the only accepted entry right now is 'CAPABILITY_IAM'.

cf.update_stack(..., capabilities=['CAPABILITY_IAM'])

or

cf.create_stack(..., capabilities=['CAPABILITY_IAM'])

This grants the entire stack tree IAM creation permissions.

Tags:

Amazon Web Services

Amazon Cloudformation

Recent Posts