How to fix "The following resource(s) failed to update: [Cloudfront]."

0

I'm getting this error

The following resource(s) failed to update: [Cloudfront].

when trying to redeploy my cloudformation stack. This is the template file:

AWSTemplateFormatVersion: "2010-09-09"
Description: 'Cloudfront stack'
Parameters:
  ViewerRequestFunctionVersionArn:
    Type: String
    Description: S3bucketStack Name that your want to import the DNSDomainName from.
  OringResponseFunctionVersionArn:
    Type: String
    Description: S3bucketStack Name that your want to import the DNSDomainName from.
  LambdaVideoPathEdgeVersionArn:
    Type: String
    Description: S3bucketStack Name that your want to import the DNSDomainName from.
  DNSDomainName:
    Type: String
    Description: S3bucketStack Name that your want to import the DNSDomainName from.
    MaxLength: 150
    MinLength: 5
  S3VideoDNSDomainName:
    Type: String
    Description: S3bucketStack Name that your want to import the DNSDomainName from.
    MaxLength: 150
    MinLength: 5
  IdParam:
    Type: String
    Description: S3bucketStack Name that your want to import the DNSDomainName from.
    MaxLength: 150
    MinLength: 5
  IdVideoOriginParam:
    Type: String
    Description: S3bucketStack Name that your want to import the DNSDomainName from.
    MaxLength: 150
    MinLength: 5
  OrigingAccessIdentityID:
    Type: String
    Description: S3bucketStack Name that your want to import the DNSDomainName from.
    MaxLength: 450
    MinLength: 5
  OrigingAccessIdentityVideoID:
    Type: String
    Description: S3bucketStack Name that your want to import the DNSDomainName from.
    MaxLength: 450
    MinLength: 5
  SSLCertificate:
    Type: String
    Description: SSLCertificate ARN .
    MaxLength: 150
    MinLength: 5
  Comment:
    Type: String
    Description: SSLCertificate ARN .
    MaxLength: 450
    MinLength: 5
  CommentOrigin:
    Type: String
    Description: SSLCertificate ARN .
    MaxLength: 450
    MinLength: 5
  AllowedMethodsParam:
    Type: CommaDelimitedList
    Description: Buket Name for website config( eg exemple.com).
  CachedMethodsParam:
    Type: CommaDelimitedList
    Description: Buket Name for website config( eg exemple.com).
  AliasesParam:
    Type: CommaDelimitedList
    Description: Buket Name for website config( eg exemple.com).
  defaultTTLParam:
    Type: Number
    Description: SSLCertificate ARN .
Resources:
  CloudFrontDistribution:
    Type: AWS::CloudFront::Distribution
    Properties:
      DistributionConfig: 
        Aliases: !Ref AliasesParam
        Comment: !Ref Comment
        CacheBehaviors:
          - AllowedMethods: !Ref AllowedMethodsParam
            CachedMethods: !Ref CachedMethodsParam
            Compress: false
            DefaultTTL: !Ref defaultTTLParam 
            PathPattern: 'public/*'
            ForwardedValues:
              Headers: 
                - Access-Control-Request-Headers
                - Access-Control-Request-Method
                - Origin
              QueryString: true
            MaxTTL: 31536000
            MinTTL: 0
            SmoothStreaming: false
            TargetOriginId: !Ref IdParam
            ViewerProtocolPolicy : "redirect-to-https"
          - AllowedMethods: !Ref AllowedMethodsParam
            CachedMethods: !Ref CachedMethodsParam
            Compress: false
            DefaultTTL: !Ref defaultTTLParam 
            PathPattern: 'images/*'
            ForwardedValues:
              Headers: 
                - Access-Control-Request-Headers
                - Access-Control-Request-Method
                - Origin
              QueryString: true
              QueryStringCacheKeys:
                - w
                - h
                - t 
                - q
                - v
            LambdaFunctionAssociations:
              - EventType: 'viewer-request'
                LambdaFunctionARN: !Ref ViewerRequestFunctionVersionArn
              - EventType: 'origin-response'
                LambdaFunctionARN: !Ref OringResponseFunctionVersionArn
            MaxTTL: 31536000
            MinTTL: 0
            SmoothStreaming: false
            TargetOriginId: !Ref IdParam
            ViewerProtocolPolicy : "redirect-to-https"
          - AllowedMethods: !Ref AllowedMethodsParam
            CachedMethods: !Ref CachedMethodsParam
            Compress: false
            PathPattern: 'videos/thumbnails/*'
            DefaultTTL: !Ref defaultTTLParam 
            ForwardedValues:
              QueryString: true
              QueryStringCacheKeys:
                - w
                - h
                - t 
                - q
                - v
            LambdaFunctionAssociations:
              - EventType: 'viewer-request'
                LambdaFunctionARN: !Ref ViewerRequestFunctionVersionArn
              - EventType: 'origin-request'
                LambdaFunctionARN: !Ref LambdaVideoPathEdgeVersionArn
              - EventType: 'origin-response'
                LambdaFunctionARN: !Ref OringResponseFunctionVersionArn
            MaxTTL: 31536000
            MinTTL: 0
            SmoothStreaming: false
            TargetOriginId: !Ref IdParam
            ViewerProtocolPolicy : "redirect-to-https"
          - AllowedMethods: !Ref AllowedMethodsParam
            CachedMethods: !Ref CachedMethodsParam
            Compress: false
            PathPattern: 'videos/*'
            DefaultTTL: !Ref defaultTTLParam 
            ForwardedValues:
              QueryString: true
              QueryStringCacheKeys:
                - codex
            LambdaFunctionAssociations:
              - EventType: 'viewer-request'
                LambdaFunctionARN: !Ref ViewerRequestFunctionVersionArn
              - EventType: 'origin-request'
                LambdaFunctionARN: !Ref LambdaVideoPathEdgeVersionArn
              - EventType: 'origin-response'
                LambdaFunctionARN: !Ref OringResponseFunctionVersionArn
            MaxTTL: 31536000
            MinTTL: 0
            SmoothStreaming: false
            TargetOriginId: !Ref IdVideoOriginParam
            ViewerProtocolPolicy : "redirect-to-https"
          - AllowedMethods: !Ref AllowedMethodsParam
            CachedMethods: !Ref CachedMethodsParam
            Compress: false
            PathPattern: 'gifs/*'
            DefaultTTL: !Ref defaultTTLParam
            LambdaFunctionAssociations:
              - EventType: 'viewer-request'
                LambdaFunctionARN: !Ref ViewerRequestFunctionVersionArn
              - EventType: 'origin-request'
                LambdaFunctionARN: !Ref LambdaVideoPathEdgeVersionArn
            MaxTTL: 31536000
            MinTTL: 0
            SmoothStreaming: false
            TargetOriginId: !Ref IdParam
            ViewerProtocolPolicy : "redirect-to-https"
        DefaultCacheBehavior:
          ForwardedValues:
            QueryString: false
          AllowedMethods: !Ref AllowedMethodsParam
          CachedMethods: !Ref CachedMethodsParam
          Compress: false
          DefaultTTL: !Ref defaultTTLParam 
          MaxTTL: 31536000
          MinTTL: 0
          SmoothStreaming: false
          TargetOriginId: !Ref IdParam
          ViewerProtocolPolicy : "redirect-to-https"
          LambdaFunctionAssociations:
            - EventType: 'viewer-request'
              LambdaFunctionARN: !Ref ViewerRequestFunctionVersionArn
        DefaultRootObject: index.html
        Enabled: true
        HttpVersion: http2
        IPV6Enabled: true
        Origins:
          - DomainName: !Ref DNSDomainName
            Id: !Ref IdParam
            S3OriginConfig:
              OriginAccessIdentity: !Sub "origin-access-identity/cloudfront/${OrigingAccessIdentityID}"
          - DomainName: !Ref S3VideoDNSDomainName
            Id: !Ref IdVideoOriginParam
            S3OriginConfig:
              OriginAccessIdentity: !Sub "origin-access-identity/cloudfront/${OrigingAccessIdentityVideoID}"
        ViewerCertificate:
          AcmCertificateArn: !Ref SSLCertificate
          MinimumProtocolVersion: "TLSv1.1_2016"
          SslSupportMethod: "sni-only"
      Tags: 
        - Key: Application
          Value: Testing
        - Key: Distribution
          Value: Coudfront HTTPS
Outputs:
  DomainName:
    Value: !GetAtt CloudFrontDistribution.DomainName
    Description: Cloudfront DomainName

I've reviewed the cloudfront troubleshooting guide and the closest thing that I thought may be a cause was differences between the deployed resources and what the template specifies. So I reverted all the changes I'd made in the dashboard and tried redeploying, but the error persisted. What else can I try? Or is there more info I can provide to shed more light on the problem?

1 Answer
0

It might be related to the Outputs section?

Outputs:
  DomainName:
    Value: !GetAtt CloudFrontDistribution.DomainName
    Description: Cloudfront DomainName

The error specifically states "Cloudfront" not "CloudFront", and that Description field appears to be the only place in the template that references "Cloudfront". The error specifically calls out a failed resource, so I don't think this is it, but just a thought. Can you share the specific step that fails in the stack events?

profile pictureAWS
answered 2 years ago
  • Hey thanks for the input. I don't think it's that either, primarily because that's a reference to a named resource that's spelled like that. These are the events that show failure:

    UPDATE_FAILED: Resource update cancelled
    UPDATE_ROLLBACK_IN_PROGRESS: [OtherResource1, OtherResource2,...]
    UPDATE_ROLLBACK_COMPLETE_CLEANUP_IN_PROGRESS (no associated message)
    UPDATE_ROLLBACK_COMPLETE (no associated message)
    

    Also, I noticed this warning in the cloudformation docs:

    We strongly recommend that updates to nested stacks are run from the parent stack.

    So I tried making a small change in the parent of the referenced stack but it didn't make a difference.

  • Hey I want to clarify that Cloudfront is not a typo, it's the name of the resource that's defined by the template file I included with the question. That should mean the error is somewhere within that resource. I suspect that the stack is now in an unrecoverable state but my organization is on the basic plan so I can't request technical support. Do you know any guides/blogs that can help resolve that? This one hasn't helped so far.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions