I am creating a Security Group resource via CloudFormation in a yaml template. I am able to create a change set for this, but when I execute the change, the Security Group creation step fails (CREATE_FAILED) with this message:
Resource handler returned message: "null" (RequestToken: <some_token>, HandlerErrorCode: InternalFailure)
Without loss of information, this is how the Security Group is being defined:
MySecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: For allowing something to something when something
GroupName: !Sub some-prefix-${Environment}
Tags:
- Name: Environment
Value: !Sub ${Environment}
VpcId: !Sub ${VpcId}
Surely there's something wrong with this definition, but AWS is keeping it a secret ( :
It turns out the problem was that I had simply misread the documentation on key names. A Security Group Tag is documented as:
Key: String
Value: String
But instead of Key, I was using Name on accident!
I'm documenting this on Stack Overflow just in case anyone else has this error and the solution happens to be similar. I wasn't able to find anything myself online.