When deploying a lambda using serverless I am getting the following error when running sls deploy -s dev -v:
UPDATE_FAILED - AWS::IAM::Role - IamRoleLambdaExecution
Serverless Error ----------------------------------------
An error occurred: IamRoleLambdaExecution - The policy failed legacy parsing (Service: AmazonIdentityManagement; Status Code: 400; Error Code: MalformedPolicyDocument; Request ID: b80c863c-1a49-43ae-887c-9611c869e08c; Proxy: null)
This error was caused by a resource incorrectly written.
I had a resource as:
arn:aws:sqs:us-west-2:982028098624/bigtier-dev-sqs
and it had to be:
arn:aws:sqs:us-west-2:982028098624:bigtier-dev-sqs
It took me hours to find it (the error message didn't help), that's why I wanted to share it. If you get this error, read every resource char by char!
Related
Using the AWS CDK (2.10.0 (build e5b301f)) I'm attempting to bootstrap 'Account-B' with --trust permissions so 'Account-A' can deploy into it.
cdk bootstrap --trust aws://Account-A/ap-southeast-2 aws://Account-B/ap-southeast-2 --cloudformation-execution-policies "arn:aws:iam::aws:policy/AdministratorAccess"
The CFT deployment (Account-B) fails with this error...
The following resource(s) failed to update: [ImagePublishingRole,
FilePublishingRole, CdkBootstrapVersion, LookupRole,
CloudFormationExecutionRole, ContainerAssetsRepository].
Invalid principal in policy: "AWS":"aws://Account-A/ap-southeast-2"
(Service: AmazonIdentityManagement; Status Code: 400; Error Code:
MalformedPolicyDocument; Request ID:
65543239-69db-4b09-a70e-52732b7620cf; Proxy: null)
It seems to me that the CFT I'm consuming has an error, then i would assume that everyone else is also running into this issue?
Actual Error:
Bootstrapping environment aws://711219499793/ap-southeast-2...
Trusted accounts for deployment: aws://864771865616/ap-southeast-2
Trusted accounts for lookup: (none)
Execution policies: arn:aws:iam::aws:policy/AdministratorAccess
CDKToolkit: creating CloudFormation changeset...
UPDATE_FAILED | AWS::IAM::Role | ImagePublishingRole
Invalid principal in policy: "AWS":"aws://864771865616/ap-southeast-2" (Service: AmazonIdentityManagement; Status Code: 400; Error Code: MalformedPolicyDocument; Request ID: 72b1b1d4-b904-47ee-808c-deaf399fcdc9; Proxy
: null)
I sometimes get a 400 error when creating my Fastly Service through pulumi. The error message is below.
error: 1 error occurred:
* updating urn:my:cdn: 400 - Bad Request:
Title: Bad request
Detail: Exceeding max_backends: 5
I've had more than 5 backends in other Fastly services, and if I retry the deployment the 400 error goes away. Has anyone else encountered this error?
I found out I have to raise the limits on our fastly account https://docs.fastly.com/en/guides/resource-limits
When I try to deploy package on SAM, the very first status comes in cloud formation console is ROLLBACK_IN_PROGRESS after that it gets changed to ROLLBACK_COMPLETE
I have tried deleting the stack and trying again, but every time same issue occurs.
Error in terminal looks like this-
Sourcing local options from ./SAMToolkit.devenv
SAM_PARAM_PKG environment variable not set
SAMToolkit will operate in legacy mode.
Please set SAM_PARAM_PKG in your .devenv file to run modern packaging.
Run 'sam help package' for more information
Runtime: java
Attempting to assume role from AWS Identity Broker using account 634668058279
Assumed role from AWS Identity Broker successfully.
Deploying stack sam-dev* from template: /home/***/1.0/runtime/sam/template.yml
sam-additional-artifacts-url.txt was not found, which is fine if there is no additional artifacts uploaded
Replacing BATS::SAM placeholders in template...
Uploading template build/private/tmp/sam-toolkit.yml to s3://***/sam-toolkit.yml
make_bucket failed: s3://sam-dev* An error occurred (BucketAlreadyOwnedByYou) when calling the CreateBucket operation: Your previous request to create the named bucket succeeded and you already own it.
upload: build/private/tmp/sam-toolkit.yml to s3://sam-dev*/sam-toolkit.yml
An error occurred (ValidationError) when calling the DescribeStacks operation: Stack with id sam-dev* does not exist
sam-dev* will be created.
Creating ChangeSet ChangeSet-2020-01-20T12-25-56Z
Deploying stack sam-dev*. Follow in console: https://aws-identity-broker.amazon.com/federation/634668058279/CloudFormation
ChangeSet ChangeSet-2020-01-20T12-25-56Z in sam-dev* succeeded
"StackStatus": "REVIEW_IN_PROGRESS",
sam-dev* reached REVIEW_IN_PROGRESS
Deploying stack sam-dev*. Follow in console: https://console.aws.amazon.com/cloudformation/home?region=us-west-2
Waiting for stack-create-complete
Waiter StackCreateComplete failed: Waiter encountered a terminal failure state
Command failed.
Please see the logs above.
I set SQS as event source for Lambda, but didn't provided the permissions like this
- Effect: Allow
Action:
- sqs:ReceiveMessage
- sqs:DeleteMessage
- sqs:GetQueueAttributes
Resource: "*"
in lambda policies.
I found this error in "Events" tab of "CloudFormation" service.
Attempting to issue cf d against the US South Bluemix node and I am getting the following error:
$ cf d myconf2014
Really delete the app myconf2014?> y
Deleting app myconf2014 in org <redacted> / space dev as <redacted>...
FAILED
Server error, status code: 500, error code: 10001, message: Service broker error: instance_id <redacted> not found
How do I get that fixed?
Your best option here is to open a ticket with the support team as they'll have to help you remove this service instance. IBM.biz/bluemixsupport
What does this error mean please?
Stack named 'awseb-eea9ufee4ak-stack' aborted operation. Current state: 'CREATE_FAILED' Reason: The following resource(s) failed to create: [AWSEBInstanceLaunchWaitCondition]. (Service: AmazonCloudFormation; Status Code: 400; Error Code: OperationError; Request ID: null)
This error means that launching your environment timed out while waiting to hear back the EC2 instance. The instance did not report whether it successfully launched the environment or not. I would recommend taking snapshot logs to see detailed error messages from the instance.