I was editing some Cloud Formation today and when I tried to deploy it, I was getting this lengthy, unhelpful error message:

An error occurred (ValidationError) when calling the CreateChangeSet operation: 1 validation error detected: Value ‘[AWS:SSM::Parameter, AWS::SNS::Topic]’ at ‘typeNameList’ failed to satisfy constraint: Member must satisfy constraint: [Member must have length less than or equal to 204, Member must have length greater than or equal to 10, Member must satisfy regular expression pattern: [A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}::[A-Za-z0-9]{2,64}(::MODULE){0,1}]

It was only showing up when I was tried adding a new SSM parameter resource to the template, so I first thought it was some weird problem with the parameter name or value. But after changing both to something that would work, I was still seeing this.

Turns out the problem was that I was missing a colon in the resource type. Instead of using AWS::SSM::Parameter, I was using AWS:SSM::Parameter (note the single colon just after “AWS”). Just looking at the error message again, I notice that this was actually being hinted to me, both in the regular expression and the “Value” list.

I know making good error messages take effort, and for most developers this tend to be an afterthought. I’m just as guilty of this as anyone else. But if I could make just one suggestion on how this message could be improved, it would be to get rid of the list in “Value” and replace it with the resource type that was actually failing validation. It would still be a relatively unhelpful error message but at least it will indicate what part of the template was actually falling over.

In any case, if anyone else is seeing an error message like this when you’re trying to roll out Cloud Formation changes, check for missing colons in your resource types.