CloudFormation UPDATE_ROLLBACK_COMPLETE_CLEANUP_IN_PROGRESS state

Question

Hey

We have a root stack stuck in the UPDATE_ROLLBACK_COMPLETE_CLEANUP_IN_PROGRESS state.

The reason looks like in the 1 nested stack that failed with "**The security token included in the request is invalid**." error (looks like AWS internal issue), all other nested stacks are green.

The nested stack is already fixed by update re-run, but the root stack is still in the UPDATE_ROLLBACK_COMPLETE_CLEANUP_IN_PROGRESS state for 3 hours. So, ALL nested stacks are green, but the resource state in the root stack still has the "The security token included in the request is invalid." error.

No options to re-run it, cancel, or update it. Recommendations from 
https://aws.amazon.com/premiumsupport/knowledge-center/cloudformation-stack-cleanup-stuck/ and https://aws.amazon.com/premiumsupport/knowledge-center/cloudformation-stack-stuck-progress/ don't work for us, because we don't have DELETE_IN_PROGRESS resources or other related issues.

How to resolve it? We can't run new deploys in that state.

Thanks

Answer

Automatically completed in exactly 6 hours

Answer

HI,
This has happened to us too, where we are getting random issues of security tokens even though all code pipelines are handled by roles instead of users.
"The security token included in the request is invalid."

We get one stack that errors in the nested stack at random times and it causes the whole stack update to fail and rollback, on rerunning, it works fine, is there some change in IAM role expirations that has changed?

CloudFormation UPDATE_ROLLBACK_COMPLETE_CLEANUP_IN_PROGRESS state

Relevant content