Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Stack Create Fails: Internal Failure. Rollback requested by user.

0

I am creating a stack via the AWS Ruby SDK v3 and it is failing with an internal error. After a long period (30-40 minutes) it fails and rolls back with an internal failure. No resources show up and there are no other events.

24 May 2019 07:32:08 stack-name ROLLBACK_COMPLETE -
24 May 2019 07:31:42 stack-name ROLLBACK_IN_PROGRESS Internal Failure. Rollback requested by user.
24 May 2019 07:05:10 stack-name CREATE_IN_PROGRESS User Initiated

Launching the stack as a different (more privileged) user means that it starts immediately. I have also tried removing all resources from the stack except for one EC2 instance and the same behaviour is exhibited.

The stack is launched with capabilities CAPABILITY_IAM and CAPABILITY_NAMED_IAM .
My best guess is that the user is missing an IAM policy which allows it to even start processing the stack, but I don't know how to debug it. It's a role that is used by many other deployments and cannot be easily changed.
Any guidance on how to debug or what might cause this behaviour is appreciated.

Themen
Sicherheit, Identität & Konformität
Tags
AWS Identity and Access Management
Sprache
English
HelloMyNameIsJoel
gefragt vor 5 Jahren908 Aufrufe
1 Antwort
0

I worked it out.

The template had a reference to a parameter being of type AWS::SSM::Parameter::Name but that was unresolvable because the account launching the CloudFormation didn't have ssm:GetParameter action permissions.

A better error message and fast-failure would have been helpful in debugging this.

HelloMyNameIsJoel
beantwortet vor 5 Jahren

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt