INIT

During my last work with AWS CloudFormation I spent hours to debug an Invalid value for the parameter Policy error which I couldn’t explain at all.

In the CloudFormation code I wrote down, the following condition has been added which look completely fine but wasn’t.

Condition:
  ArnEquals:
    - SourceARN

During stack creation the Invalid value for the parameter Policy appeared and either I nor the Internet had a precise answer for this kind of error.

After starting debugging section by section and some hours later the error was finally located! The SourceArn was added in the ArnEquals condition without aws:SourceArn: prefix, so it was valid yaml but not valid CloudFormation code.

Condition:
  ArnEquals:
    - aws:SourceArn: !Sub

Takeaway

Even if you’re completely convinced that your CloudFormation code is correct and you’ve errors which you can’t explain check again!