I tried to set a SNS Subscription for a Lambda function, with existing SNS Topic with ARN. If I set the ARN "manually" everything works as it should.

I configured the parameters as follows:

custom:
  requestTopicName: 'requests'

functions:
  handleInstallRequests:
      description: This function subscribes to SNS and handles the installation requests.
      runtime: python3.7
      memorySize: 128
      timeout: 30
      handler: install_req_handler.lambda_handler
      events:
        - sns:
            arn: "arn:aws:sns:#{AWS::Region}:#{AWS::AccountId}:${self:custom.requestTopicName}"
            filterPolicy:
              action: ["installation_request"]

When packaging, the pseudo-parameters do not get replaced, and the CloudFormation template ends up containing:

...
"TopicArn": {
          "Fn::Sub": "arn:aws:sns:${AWS::Region}:${AWS::AccountId}:requests"
        },
...

I am using serverless-python-requirements for packaging.

Am I doing something wrong, or is this a bug?

Hi all.

We've started to use the serverless-pseudo-parameters plugin, to improve our serverless.yml file, however, some of our developers are getting the following error:

Missing credentials in config, if using AWS_CONFIG_FILE, set AWS_SDK_LOAD_CONFIG=1

Is there a way to run serverless with this plugin enabled locally and not have the AWS CLI installed on the user's machine.

Thanks,

The new ${aws:blah} variables look great.

But they don't work with serverless-offline !!!

Your plugin has the common sense to not try to connect to AWS when running in offline mode.

I'd recommend that anyone using serverless offline (and let's be honest, that should be everyone) should continue using this plugin until serverless has fixed it's bug.

would that be possible to do ?

With serverless-plugin-split-stacks: 1.7.0 and serverless: 1.38.0,

1 validation error detected: Value 'arn:#{AWS::Partition}:lambda:us-east-1:123456789012:function:fake-name-authorizer' at 'functionName' failed to satisfy constraint: Member must satisfy regular expression pattern: (arn:(aws[a-zA-Z-]*)?:lambda:)?([a-z]{2}((-gov)|(-iso(b?)))?-[a-z]+-\d{1}:)?(\d{12}:)?(function:)?([a-zA-Z0-9-_]+)(:(\$LATEST|[a-zA-Z0-9-_]+))? (Service: AWSLambda; Status Code: 400; Error Code: ValidationException; Request ID: 8bdef293-3d51-11e9-a53f-535a5b27c45f)

It does not replace pseudo parameters in the split stack files.

Why wait until before:deploy:deploy to replace? can we get it to be much early. Looking at split stacks, it starts at 'after:aws:package:finalize:mergeCustomProviderResources'. So was thinking if there is a stage before that where pseudo parameter replacement can take place? like 'before:aws:package:finalize:mergeCustomProviderResources'.

Hi,

I noticed that npmjs is not providing a link to the github page: https://www.npmjs.com/package/serverless-pseudo-parameters

I think the definition you have in package.json is wrong and npmjs isn't picking it up. Maybe try the following definition:

"repository": {
    "type": "git",
    "url": "https://github.com/svdgraaf/serverless-pseudo-parameters"
  },

Hi,
I am trying to set the AWS ACCOUNT_ID and Region as an environment variable but with no luck.
I have added it under provider as follows:

provider:
  name: aws
  runtime: nodejs10.x
  stage: ${opt:stage, 'dev'}
  environment:
    REGION: '#{AWS::Region}'
    AWS_ACOUNT_ID: '#{AWS::AccountId}'

After this, the env variable was added to some of the lambdas correctly and in the other ones was just a plain text as follows:

I tried this on function level and global level and the same issue occurs.
The only difference I found between the functions that were getting the right values is that they are connected to an API Gateway, but all lambdas that aren't don't get the right value.

The feature to substitute hard-coded regions is very useful, but I think it would be nicer if it's turned off by default.

So instead of disabling the feature on every repo which performs cross-account actions using

pseudoParameters:
    skipRegionReplace: true

I think it would be nicer to explicitly enable the feature like so

pseudoParameters:
    enableRegionReplace: true

What are your thoughts? Feel free to close this issue if the current logic is preferred.

The earlier evaluation means that "#{AWS::StackName}-lock" is no longer being substituted. This is working in v1.3.2.

resources:
  Resources:
    lambdaLockDb:
      Type: 'AWS::DynamoDB::Table'
      ...
      TableName: "#{AWS::StackName}-lock"

provider:
  name: aws
  ...
  environment:
    LOCK_TABLE: ${self:custom.lockTableName}
custom:
  lockTableName: "#{AWS::StackName}-lock"

Forgive me, I'm a bit new to the serverless platform.

I'm trying to send asw pseudo params as environment variables into my lambda functions so I can construct arns in there for publishing to sns. I have config like:

provider:
    ...
    environment:
        AWS_ACCOUNT_ID: '#{AWS::AccountId}'

upon sls deploy everything works great.
If I subsequently sls deploy -f myFcn, the pseudo params are not substituted but are in fact overwritten. In the aws console, the value of the env variables is the unsubstituted string '#{AWS::AccountId}'. Then even a full deploy won't reset the env vars and I have to sls remove and sls deploy to get the env vars to reset.

Is this me just not understanding the sls lifecycle with regard to deploy -f? or is there some way to get the plugin to substitute the vars for function deploys.

Hi,

I used your plugin to handle adding in the account ID to my SQS queue ARN, which worked great when deploying. However, when running locally (serverless offline start) I get the following error:

(node:20672) UnhandledPromiseRejectionWarning: Invalid request: MissingQueryParamRejection(QueueName), MissingFormFieldRejection(QueueUrl): Invalid request: MissingQueryParamRejection(QueueName), MissingFormFieldRejection(QueueUrl); see the SQS docs.
    at Request.extractError (/Users/xxxx/code/authoriser/node_modules/aws-sdk/lib/protocol/query.js:50:29)
    at Request.callListeners (/Users/xxxx/code/authoriser/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
    at Request.emit (/Users/xxxx/code/authoriser/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/Users/xxxx/code/authoriser/node_modules/aws-sdk/lib/request.js:683:14)
    at Request.transition (/Users/xxxx/code/authoriser/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/Users/xxxx/code/authoriser/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /Users/xxxx/code/authoriser/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/Users/xxxx/code/authoriser/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/Users/xxxx/code/authoriser/node_modules/aws-sdk/lib/request.js:685:12)
    at Request.callListeners (/Users/xxxx/code/authoriser/node_modules/aws-sdk/lib/sequential_executor.js:116:18)
    at Request.emit (/Users/xxxx/code/authoriser/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/Users/xxxx/code/authoriser/node_modules/aws-sdk/lib/request.js:683:14)
    at Request.transition (/Users/xxxx/code/authoriser/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/Users/xxxx/code/authoriser/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /Users/xxxx/code/authoriser/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/Users/xxxx/code/authoriser/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/Users/xxxx/code/authoriser/node_modules/aws-sdk/lib/request.js:685:12)
    at Request.callListeners (/Users/xxxx/code/authoriser/node_modules/aws-sdk/lib/sequential_executor.js:116:18)
    at callNextListener (/Users/xxxx/code/authoriser/node_modules/aws-sdk/lib/sequential_executor.js:96:12)
    at IncomingMessage.onEnd (/Users/xxxx/code/authoriser/node_modules/aws-sdk/lib/event_listeners.js:299:13)
    at IncomingMessage.emit (events.js:194:15)
    at IncomingMessage.EventEmitter.emit (domain.js:441:20)
    at endReadableNT (_stream_readable.js:1125:12)
    at process._tickCallback (internal/process/next_tick.js:63:19)
(node:20672) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). (rejection id: 1)

Here's my ARN line: - sqs: arn:aws:sqs:${self:provider.region}:#{AWS::AccountId}:${self:custom.queueName}

My temporary fix is to manually switch this to: - sqs: arn:aws:sqs:${self:provider.region}:xxxx:${self:custom.queueName}

Would it be possible to have this variable resolve in offline mode? Or at the very least be set to some random string to prevent the error.

Thanks!

When using the serverless deployment command sls deploy -s dev to deploy the complete stack the pseudo variables such as ${AWS::Region}, ${AWS::AccountId} are properly populated with the actual values. During the build I can see in the logs that AWS Pseudo Parameters are getting replaced.

However, when deploying individual lambda function from this stack using the command sls deploy -f myFunction -s dev, the pseudo parameters are not getting replaced. I do not see any logs related to AWS Pseudo Parameters.

Hi.

Thanks for the comment re this plugin being deprecated, but I struggled to implement without it based on the documentation available in this repo and from the Serverless Framework documentation.

It wasn't until I stumbled on this link from one of the Serverless Forum pages that I realised that not only do you need to replace the '#' with '$', you seem to need to add '!Sub' at the beginning.

ie.
Resource: 'arn:aws:lambda:#{AWS::Region}:#{AWS::AccountId}:function:function-on-error'
becomes:
Resource: !Sub 'arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:function:function-on-error'

https://forum.serverless.com/t/pseudo-parameters-with-variables/13119

I think it would be very helpful for others if this little tip could be added to the documentation page here.

I was wondering where is #{AWS::AccountId} getting the value from?
Is it looking at the account associated with ~/.aws/credentials?

Is there any way to still use #{AWS::AccountId} but force it to get the value from environment variables or something like that?

Up until now the following pseudo parameters have been being replaced:

  alert:
    handler: src/handler.alert
    events:
      - sns:
          topicName: ecogy-${opt:stage, self:provider.stage}-alerts-insufficientData
          arn: arn:aws:sns:#{AWS::Region}:#{AWS::AccountId}:ecogy-${opt:stage, self:provider.stage}-alerts-insufficientData

After upgrading to serverless 1.48.0 I now get the following error:
An error occurred: AlertSnsSubscriptionEcogyintalertsinsufficientData - Invalid subscription update, region value provided [#{AWS] should be the same as the current subscription region [us-east-1]

The following snippet of code:

stepFunctions:
validate: true
stateMachines:
serverlessTestStepFunc:
name: ${self:service}-${self:provider.stage}-rmh-test-fsm
definition:
StartAt: MdcInsertControlRecordState
States:
MdcInsertControlRecordState:
Type: Task
Resource: arn:aws:lambda:#{AWS::Region}:#{AWS::AccountId}:function:${self:service}-${self:provider.stage}-mdcInsertControlRecord
InputPath: "$"
ResultPath: "$"
OutputPath: "$"
End: true

fails asl validation with the error:

`Serverless Error ---------------------------------------

✕ State machine "serverlessTestStepFunc" definition is invalid:
[{"keyword":"additionalProperties","dataPath":".States['MdcInsertControlRecordState']","schemaPath":"#/additionalProperties","params":{"additionalProperty":"Resource"},"message":"should NOT have additional properties"},{"keyword":"additionalProperties","dataPath":".States['MdcInsertControlRecordState']","schemaPath":"http://asl-validator.cloud/fail#/additionalProperties","params":{"additionalProperty":"Resource"},"message":"should NOT have additional properties"},{"keyword":"additionalProperties","dataPath":".States['MdcInsertControlRecordState']","schemaPath":"#/additionalProperties","params":{"additionalProperty":"Resource"},"message":"should NOT have additional properties"},{"keyword":"additionalProperties","dataPath":".States['MdcInsertControlRecordState']","schemaPath":"http://asl-validator.cloud/pass#/additionalProperties","params":{"additionalProperty":"Resource"},"message":"should NOT have additional properties"},{"keyword":"additionalProperties","dataPath":".States['MdcInsertControlRecordState']","schemaPath":"http://asl-validator.cloud/succeed#/additionalProperties","params":{"additionalProperty":"Resource"},"message":"should NOT have additional properties"},{"keyword":"pattern","dataPath":".States['MdcInsertControlRecordState'].Resource","schemaPath":"http://asl-validator.cloud/task#/properties/Resource/oneOf/0/pattern","params":{"pattern":"^arn:aws:([a-z]|-)+:([a-z]|[0-9]|-):[0-9]:([a-z]|-)+:[a-zA-Z0-9-.]+$"},"message":"should match pattern "^arn:aws:([a-z]|-)+:([a-z]|[0-9]|-):[0-9]:([a-z]|-)+:[a-zA-Z0-9-.]+$""},{"keyword":"type","dataPath":".States['MdcInsertControlRecordState'].Resource","schemaPath":"http://asl-validator.cloud/task#/properties/Resource/oneOf/1/type","params":{"type":"object"},"message":"should be object"},{"keyword":"oneOf","dataPath":".States['MdcInsertControlRecordState'].Resource","schemaPath":"http://asl-validator.cloud/task#/properties/Resource/oneOf","params":{"passingSchemas":null},"message":"should match exactly one schema in oneOf"},{"keyword":"additionalProperties","dataPath":".States['MdcInsertControlRecordState']","schemaPath":"http://asl-validator.cloud/wait#/additionalProperties","params":{"additionalProperty":"Resource"},"message":"should NOT have additional properties"},{"keyword":"oneOf","dataPath":".States['MdcInsertControlRecordState']","schemaPath":"#/oneOf","params":{"passingSchemas":null},"message":"should match exactly one schema in oneOf"}]`

If I shut off validation, then it passes and when I check the AWS console, the machine is created correctly. This leads me to believe that when the asl validator runs, the pseudo-parameters are not yet plugged in. Now, I can work around this by either setting account id and region under the provider heading, or I can shut off validation (I've tried and both work), but I think this is a small issue that should be fixed. I could also be wrong about what's causing it, but I think I've eliminated all of the other causal factors.

I have a CloudFormation template that creates permissions for IAM users that are scoped to a particular region. For example (representative, but not tested):

service: foo-testuser

provider:
  name: aws
  region: us-east-1

custom:
  userRegion: us-east-2

plugins:
  - serverless-pseudo-parameters

resources:
  Resources:
    TestUser:
      Type: AWS::IAM::User
      Properties:
        UserName: testuser
        Policies:
          - PolicyName: allow-cloudformation
            PolicyDocument:
              Version: "2012-10-17"
              Statement:
                - Effect: "Allow"
                  Action:
                    - "cloudformation:DescribeStacks"
                    - "cloudformation:DescribeStackEvents"
                    - "cloudformation:DescribeStackResource*"
                    - "cloudformation:GetTemplate"
                    - "cloudformation:CreateStack"
                    - "cloudformation:UpdateStack"
                    # not allowed to delete stack; that must be done manually by admin
                  Resource:
                    "arn:aws:cloudformation:${self:custom.userRegion}:#{AWS::AccountId}:stack/foo-testuser-dev/*"
          - PolicyName: allow-cloudformation-global
            PolicyDocument:
              Version: "2012-10-17"
              Statement:
                - Effect: "Allow"
                  Action:
                    - "cloudformation:ValidateTemplate"
                  Resource:
                    "*"
          - PolicyName: allow-apigateway
            PolicyDocument:
              Version: "2012-10-17"
              Statement:
                - Effect: "Allow"
                  Action:
                    - "apigateway:*"
                  Resource:
                    "arn:aws:apigateway:${self:custom.userRegion}::/restapis"
          - PolicyName: allow-ssm-access
            PolicyDocument:
              Version: "2012-10-17"
              Statement:
                - Effect: "Allow"
                  Action:
                    - "ssm:DescribeParameters"
                    - "ssm:GetParameter"
                    - "ssm:GetParameters"
                    - "ssm:List*"
                  Resource:
                    "arn:aws:ssm:${self:custom.userRegion}:#{AWS::AccountId}:parameter/testuser/dev/*"

However, serverless-pseudo-parameters overwrites these regions with #{AWS::Region}:

https://github.com/svdgraaf/serverless-pseudo-parameters/blob/master/lib/index.js#L65

which prevents me from specifying a region other than the one I'm using with serverless deploy --region <region>. This breaks a valid use case: IAM users are global, but their permissions can refer to region-specific resources.

Why does this region overwriting exist in the first place? Can its purpose be accomplished in a way that avoids this problem, or can this overwriting at least be configurable?

Sorry if this is an intended or unavoidable effect, I have not gone through the source code of the plugin.

I have a particular use case in which I wish to set a custom deploymentBucket for my service whose name depends on the AWS::AccountId parameter.

provider:
  deploymentBucket: mydeploymentbucketname-#{AWS::AccountId}

However it seems that serverless is checking the validity of the string before the pseudo parameter substitution, throwing the following error:

Bucket name must end with a letter or number. mydeploymentbucketname-#{AWS::AccountId}

Hey,

there is version 1.2.0 on NPM released on January 25, 2018 but no commits on github since 2017

I checked the diff on upkg https://unpkg.com/[email protected]/

But looks like just a version bump?

custom:
envPref: '#{environmentPrefix}'
provider:
name: aws
runtime: nodejs8.10
stage: ${self:custom.envPref}
functions:
processEvent:
handler: handler.processEventFunction
name: 'dan-#{environmentPrefix}-process-event'
events:
- http:
path: tdi/processevent
method: post
cors: true
private: true

With the above setup, it fails to create the http scaffolding.

any advise.

We are unable to use this in our corporate environment unless there's a license.

Fixed by #31

Hi,

I'm trying to setup a DataPipeline for exporting DynamoDB data to S3 using Cloudformation
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-datapipeline-pipeline.html#aws-resource-datapipeline-pipeline--examples

DataPipeline references other blocks of the DataPipeline configuration using the same token format as used by serverless-pseudo-parameters e.g. #{myOutputS3Loc} and therefore they are getting replaced with the Fn:Sub intrinsic function which is not desired behaviour.

Is there currently a way to escape the token so that the resulting cloudformation template still contains the token as #{myOutputS3Loc}?

Cheers,

Matt

I'm trying to use #{AWS::AccountId} as part of the cfnRole variable in my serverless.yml file, but it's not being substituted. Here is the relevant section of serverless.yml:

plugins:
  - serverless-pseudo-parameters

provider:
  name: aws
  runtime: nodejs12.x
  cfnRole: "arn:aws:iam::#{AWS:AccountId}:role/MyRole"

When I run serverless deploy, I get the error message Cross-account pass role is not allowed, and when I turn on debugging with SLS_DEBUG=true, I can see that the role it's using to do the deployment is

arn:aws:iam::#{AWS:AccountId}:role/MyRole

i.e. the pseudo parameter is not being substituted. If I replace #{AWS:AccountId} with the literal value (i.e. cfnRole: "arn:aws:iam::12345678901234:role/MyRole") then the deployment works fine. Does anyone know why parameter substitution isn't happening here?

Having some issues after upgrading to v1.6.0 😢

serverless.yml

custom:
  config: ${file(config/${opt:stage}.js):config, file(config/common.js):config}

provider:
  ...
  environment:
    MEDIA_SERVICES_REGION: ${self:custom.config.mediaServices.region}
  ...

config/common.js

'use strict';

module.exports.config = () =>
  Object({ 
    mediaServices: { region: 'ap-southeast-1' }
  });

Output

FooLambdaFunction: {
       Properties: {
         ...
         Environment: {
           Variables: {
-            MEDIA_SERVICES_REGION: "ap-southeast-1"
+            MEDIA_SERVICES_REGION: {
+              Fn::Sub: "${AWS::Region}"
+            }
           }
         }
       }

In my case ${AWS::Region} resulted in ap-northeast-1 which caused applciation issues 😂

Right now, serverless-pseudo-parameters iterates only over items in the Resources section of the CloudFormation template.

Serverless is not restricted to just the Resources section of CloudFormation, though. Many sections can be specified in the serverless custom resources block, such as custom "Outputs". I'd like to propose checking for any valid section type in the CloudFormation template anatomy and replacing pseudo parameters in all of them.

The plugin doesn't work properly with last serverless versions, checked with version 1.48.4.
The noticed issue is:

• The compiled serverless template (.serverless\serverless-state.json) contains values like "#{AWS" which causes further CloudFormation stack creation issue

Steps to reproduce:

1. Unpack the attached file into a separate folder
   Note: below is the plugin values declaration that causes issue (see serverless.yml):

functions:
  test:
    handler: handler.test
    events:
      - sns:
          displayName: dmc-cnst-consenthub-preferences-changed-${opt:stage}
          arn: arn:aws:sns:#{AWS::Region}:#{AWS::AccountId}:dmc-cnst-consenthub-preferences-changed-${opt:stage}

2. Execute 'npm install'
3. Execute 'sls package -s dev' command and check created serverless-state.json in .serverless folder. You may see entry like "Region": "#{AWS" there - it is not correct

example.zip

Look at serverless

service: database

frameworkVersion: ">=1.38.0 <2.0.0"

plugins:
  - serverless-step-functions
  - serverless-pseudo-parameters
  - serverless-cf-vars
  - serverless-parameters
  - serverless-s3-deploy
  - serverless-scriptable-plugin

provider:
  name: aws
  stage: dev
  region: us-east=1
  deploymentBucket:
    name: my_bucket-#{AWS::AccountId}-#{AWS::Region}-name
    blockPublicAccess: true

resources:
  Resources:
    Database:
      Type: AWS::Glue::Database
      Properties:
        CatalogId: "#{AWS::AccountId}"
        DatabaseInput:
          Name: some_name

It fails with error:

cmd.exe /c "serverless deploy"
 
  Serverless Error ---------------------------------------
 
  Bucket name cannot contain uppercase letters. my_bucket-#{AWS::AccountId}-#{AWS::Region}-name
 
  Get Support --------------------------------------------
     Docs:          docs.serverless.com
     Bugs:          github.com/serverless/serverless/issues
     Issues:        forum.serverless.com
 
  Your Environment Information ---------------------------
     Operating System:          win32
     Node Version:              10.15.0
     Framework Version:         1.53.0
     Plugin Version:            3.1.1
     SDK Version:               2.1.1
     Components Core Version:   1.1.1
     Components CLI Version:    1.2.3
 

Process finished with exit code 1

Issue:

I want to create a service that uses an S3 bucket as an event source, and I want the #{AWS::AccountId} to be in the bucket name to guarantee a unique bucket name. However, this does not work as expected; when trying to deploy the service, I receive an error message:

Bucket name should not contain uppercase characters.

Reproduce:

Environment Information:

  Your Environment Information ---------------------------
     Operating System:          darwin
     Node Version:              12.14.1
     Framework Version:         1.80.0
     Plugin Version:            3.8.1
     SDK Version:               2.3.1
     Components Version:        2.34.9

serverless-pseudo-parameters version: 2.5.0

serverless.yml

service: sample-bucket-project
provider:
  name: aws
  region: us-west-2
  runtime: nodejs12.x
plugins:
  - serverless-pseudo-parameters

functions:
  test:
    handler: index.handler
    events:
      - s3:
          bucket: my-events-bucket-#{AWS::AccountId}

Full command output:

$ serverless deploy
Serverless: Packaging service...
Serverless: Excluding development dependencies...

  Serverless Error ---------------------------------------

  my-events-bucket-#{AWS::AccountId} - Bucket name should not contain uppercase characters. Please check provider.s3.my-events-bucket-#{AWS::AccountId} and/or s3 events of function "test".

  Get Support --------------------------------------------
     Docs:          docs.serverless.com
     Bugs:          github.com/serverless/serverless/issues
     Issues:        forum.serverless.com

  Your Environment Information ---------------------------
     Operating System:          darwin
     Node Version:              12.14.1
     Framework Version:         1.80.0
     Plugin Version:            3.8.1
     SDK Version:               2.3.1
     Components Version:        2.34.9

We are using v. 2.2.0, and apparently, the issue reported in #10 has returned:

Serverless file snippet:

custom:
  ...
  email_queue_url: "arn:aws:sqs:us-east-1:#{AWS::AccountID}:${self:custom.email_queue_name}"

functions:
    ...
    environment:
      ...
      ASSEMBLER_QUEUE_URL: "${self:custom.email_queue_url}"

This started happening, and even after removing every parameter, the only fix was to remove the plugin.

Cannot convert undefined or null to object

TypeError: Cannot convert undefined or null to object
    at replaceChildNodes (/usr/src/app/node_modules/serverless-pseudo-parameters/lib/index.js:57:14)
    at Object.keys.forEach.identifier (/usr/src/app/node_modules/serverless-pseudo-parameters/lib/index.js:27:50)
    at Array.forEach (native)
    at ServerlessAWSPseudoParameters.addParameters (/usr/src/app/node_modules/serverless-pseudo-parameters/lib/index.js:27:28)
    at BbPromise.reduce (/usr/lib/node_modules/serverless/lib/classes/PluginManager.js:372:55)
From previous event:
    at PluginManager.invoke (/usr/lib/node_modules/serverless/lib/classes/PluginManager.js:372:22)
    at PluginManager.run (/usr/lib/node_modules/serverless/lib/classes/PluginManager.js:403:17)
    at variables.populateService.then (/usr/lib/node_modules/serverless/lib/Serverless.js:102:33)
    at runCallback (timers.js:672:20)
    at tryOnImmediate (timers.js:645:5)
    at processImmediate [as _immediateCallback] (timers.js:617:5)
From previous event:
    at Serverless.run (/usr/lib/node_modules/serverless/lib/Serverless.js:89:74)
    at serverless.init.then (/usr/lib/node_modules/serverless/bin/serverless:42:50)