By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Stack Create Fails: Internal Failure. Rollback requested by user.

0

I am creating a stack via the AWS Ruby SDK v3 and it is failing with an internal error. After a long period (30-40 minutes) it fails and rolls back with an internal failure. No resources show up and there are no other events.

24 May 2019 07:32:08 stack-name ROLLBACK_COMPLETE -
24 May 2019 07:31:42 stack-name ROLLBACK_IN_PROGRESS Internal Failure. Rollback requested by user.
24 May 2019 07:05:10 stack-name CREATE_IN_PROGRESS User Initiated

Launching the stack as a different (more privileged) user means that it starts immediately. I have also tried removing all resources from the stack except for one EC2 instance and the same behaviour is exhibited.

The stack is launched with capabilities CAPABILITY_IAM and CAPABILITY_NAMED_IAM .
My best guess is that the user is missing an IAM policy which allows it to even start processing the stack, but I don't know how to debug it. It's a role that is used by many other deployments and cannot be easily changed.
Any guidance on how to debug or what might cause this behaviour is appreciated.

Topics
Security, Identity, & Compliance
Tags
AWS Identity and Access Management
Language
English
HelloMyNameIsJoel
asked 5 years ago840 views
1 Answer
0

I worked it out.

The template had a reference to a parameter being of type AWS::SSM::Parameter::Name but that was unresolvable because the account launching the CloudFormation didn't have ssm:GetParameter action permissions.

A better error message and fast-failure would have been helpful in debugging this.

HelloMyNameIsJoel
answered 5 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content