By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

CloudFormation - Error creating an Elasticache for Redis user

0

Hello,

I am seeing some very non-specific errors when I try to create an AWS::ElastiCache::User using CloudFormation. My template is simply:

UserName: myuser
UserId: hereisauserid
Engine: redis
NoPasswordRequired: true

I also tried

UserName: myuser
UserId: hereisauserid
Engine: redis
AuthenticationMode:
  Type: no-password-required

CF tells me:

An internal error has occurred. Please try your query again at a later time.

OK, that's neat, thanks. When I look in CloudTrail, I see:

{
...
    "eventSource": "elasticache.amazonaws.com",
    "eventName": "CreateUser",
...
    "errorCode": "InternalFailure",
    "errorMessage": "An unknown error occurred",
...
}

which is not super helpful. I am an administrator and so privileges shouldn't be an issue. Does anyone have any ideas about how to continue troubleshooting the issue?

Topics
DatabaseManagement & Governance
Tags
Amazon ElastiCache for RedisAWS CloudFormation
Language
English
always_a_problem
asked a month ago45 views
2 Answers
0
Accepted Answer

The documentation seems to be wrong. It turns out that the AccessString property is required.

always_a_problem
answered a month ago
profile picture
EXPERT
Riku_Kobayashi
reviewed a month ago
-1

Based on the information provided, it seems you're encountering an internal error while trying to create an ElastiCache user using CloudFormation. This type of error can be challenging to troubleshoot as it doesn't provide specific details about the cause. However, there are a few things we can consider to help resolve the issue:

  1. Resource Properties: Your CloudFormation template for the AWS::ElastiCache::User resource appears to be missing some required properties. The 'Engine' property should be set to either 'redis' or 'valkey'. Also, ensure that the 'UserId' follows the pattern '[a-z][a-z0-9-]*'.

  2. Authentication Mode: You've tried two different approaches for setting up authentication. The 'NoPasswordRequired' property is a valid option, but make sure it's set to true if you don't want to require a password. Alternatively, using the 'AuthenticationMode' property with 'Type: no-password-required' is also correct.

  3. IAM Permissions: Although you mentioned you're an administrator, it's worth double-checking that your IAM role or user has the necessary permissions to create ElastiCache users. Ensure you have the 'elasticache:CreateUser' permission.

  4. Service Limits: Check if you've reached any service limits for ElastiCache users in your account.

  5. ElastiCache Version: Confirm that you're using ElastiCache versions that support user creation (Redis 6.0 and above, or Memcached 7.2 and above).

  6. Region Availability: Ensure that the feature is available in the AWS region you're working in.

  7. Retry: As the error message suggests, this could be a temporary issue. Try running the CloudFormation stack creation again after a short wait.

  8. AWS Support: If the issue persists, consider contacting AWS support. They can provide more detailed information about the internal error you're encountering.

To further troubleshoot, you could try creating the user manually through the AWS CLI or console to see if you encounter the same error. This might provide more specific error messages that could help identify the root cause.

Remember to validate your CloudFormation template syntax and ensure all required properties for the AWS::ElastiCache::User resource are correctly specified.

Sources
AWS::ElastiCache::User - AWS CloudFormation
ElastiCache examples using AWS CLI - AWS SDK Code Examples
Resolve IAM permission errors in CloudFormation | AWS re:Post

profile picture
re:Post Agent
answered a month ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content