AWS-RunCfnLint - Amazon Systems Manager Automation runbook reference
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).



This runbook uses an Amazon CloudFormation Linter ( cfn-python-lint ) to validate YAML and JSON templates against the Amazon CloudFormation resource specification. The AWS-RunCfnLint runbook performs additional checks, such as ensuring that valid values have been entered for resource properties. If validation is not successful, the RunCfnLintAgainstTemplate step fails and the linter tool's output is provided in an error message. This runbook is using cfn-lint v0.24.4.

Run this Automation (console)

Document type





Linux, macOS, Windows


  • AutomationAssumeRole

    Type: String

    Description: (Optional) The Amazon Resource Name (ARN) of the Amazon Identity and Access Management (IAM) role that allows Systems Manager Automation to perform the actions on your behalf. If no role is specified, Systems Manager Automation uses the permissions of the user that starts this runbook.

  • ConfigureRuleFlag

    Type: String

    Description: (Optional) Configuration options for a rule to pass to the --configure-rule parameter.

    Example: E2001:strict=false,E3012:strict=false.

  • FormatFlag

    Type: String

    Description: (Optional) Value to pass to the --format parameter to specify the output format.

    Valid values: Default | quiet | parseable | json

    Default: Default

  • IgnoreChecksFlag

    Type: String

    Description: (Optional) IDs of rules to pass to the --ignore-checks parameter. These rules are not checked.

    Example: E1001,E1003,W7001

  • IncludeChecksFlag

    Type: String

    Description: (Optional) IDs of rules to pass to the --include-checks parameter. These rules are checked.

    Example: E1001,E1003,W7001

  • InfoFlag

    Type: String

    Description: (Optional) Option for the --info parameter. Include the option to enable additional logging information about the template processing.

    Default: false

  • TemplateFileName

    Type: String

    Description: The name, or key, of the template file in the S3 bucket.

  • TemplateS3BucketName

    Type: String

    Description: The name of the S3 bucket containing the packer template.

  • RegionsFlag

    Type: String

    Description: (Optional) Values to pass to the for --regions parameter to test the template against specified Amazon Web Services Regions.

    Example: us-east-1,us-west-1

Document Steps

RunCfnLintAgainstTemplate – Runs the cfn-python-lint tool against the specified Amazon CloudFormation template.


RunCfnLintAgainstTemplate.output – The stdout from the cfn-python-lint tool.