AWS CloudFormation - nested stacks - stack keeps failing to deploy but no reason is given

I've got a simple CloudFormation stack made of only two nested stacks, one for the hosting and serving of a single page application web app and the other for the authentication logic (for now it only defines a Cognito user pool resource).
The auth nested stack keeps failing during deployment, but I can't figure out why, as no reasonable motivation is given by the command.

I still get the error even after manually deleting the entire stack hierarchy and creating a new one.

After the aborted operation I'm left with the main stack and two empty nested stacks, each one in the DELETE_COMPLETE status.

Running sam validate on the nested stack template gives no error:

> sam validate --template-file nested-stacks/auth.yaml 
2023-01-16 12:15:01 Loading policies from IAM...
2023-01-16 12:15:04 Finished loading policies from IAM.
/media/sgratani/Data/tests/AWS/serverless spa/aws_stack/nested-stacks/auth.yaml is a valid SAM Template

nested stack template

AWSTemplateFormatVersion: '2010-09-09'


Description: >
  - A Cognito user pool


Parameters: {}


Resources:
  UserPool:
    Type: AWS::Cognito::UserPool
    Properties: 
      AccountRecoverySetting:
          RecoveryMechanisms: 
            - Name: verified_email

      AdminCreateUserConfig: 
        AllowAdminCreateUserOnly: true
        InviteMessageTemplate: 
          EmailMessage: Your username is {username} and temporary password is {####}.
          EmailSubject: Your temporary password
        UnusedAccountValidityDays: 30

      # AliasAttributes: 
      #   - String
      # AutoVerifiedAttributes: 
      #   - String
      EmailConfiguration: 
        EmailSendingAccount: COGNITO_DEFAULT
      MfaConfiguration: OFF
      Policies: 
        PasswordPolicy: 
          MinimumLength: 8
          RequireLowercase: true
          RequireNumbers: true
          RequireSymbols: true
          RequireUppercase: true
          TemporaryPasswordValidityDays: 7
      # Schema: 
      #   - SchemaAttribute
      # UsernameAttributes: 
      #   - String
      UsernameConfiguration: 
        CaseSensitive: true

      VerificationMessageTemplate: 
        DefaultEmailOption: String
        EmailMessage: Your verification code is {####}.
        # EmailMessageByLink: String
        EmailSubject: Your verification code
        # EmailSubjectByLink: String

sam build output deployment section

Initiating deployment
=====================
File with same data already exists at 0320ec2e303c20d5454978a63234f9ed.template, skipping upload

Waiting for changeset to be created..
CloudFormation stack changeset
-----------------------------------------------------------------------------------------------------------------------------------------------------------------
Operation                                LogicalResourceId                        ResourceType                             Replacement                            
-----------------------------------------------------------------------------------------------------------------------------------------------------------------
+ Add                                    AppHosting                               AWS::CloudFormation::Stack               N/A                                    
+ Add                                    Auth                                     AWS::CloudFormation::Stack               N/A                                    
-----------------------------------------------------------------------------------------------------------------------------------------------------------------

Changeset created successfully. arn:aws:cloudformation:eu-central-1:575288510223:changeSet/samcli-deploy1673867103/a08f41d4-6786-4039-8916-ab73a37a0d1e


2023-01-16 12:05:15 - Waiting for stack create/update to complete

CloudFormation events from stack operations (refresh every 0.5 seconds)
-----------------------------------------------------------------------------------------------------------------------------------------------------------------
ResourceStatus                           ResourceType                             LogicalResourceId                        ResourceStatusReason                   
-----------------------------------------------------------------------------------------------------------------------------------------------------------------
CREATE_IN_PROGRESS                       AWS::CloudFormation::Stack               Auth                                     -                                      
CREATE_IN_PROGRESS                       AWS::CloudFormation::Stack               AppHosting                               -                                      
CREATE_IN_PROGRESS                       AWS::CloudFormation::Stack               Auth                                     Resource creation Initiated            
CREATE_IN_PROGRESS                       AWS::CloudFormation::Stack               AppHosting                               Resource creation Initiated            
CREATE_FAILED                            AWS::CloudFormation::Stack               Auth                                     Embedded stack                         
                                                                                                                           arn:aws:cloudformation:eu-             
                                                                                                                           central-1:575288510223:stack/test-spa- 
                                                                                                                           Auth-IB3AC3208DMY/aa040170-958d-11ed-9 
                                                                                                                           c56-0a7beb596806 was not successfully  
                                                                                                                           created: The following resource(s)     
                                                                                                                           failed to create: [UserPool].          
CREATE_FAILED                            AWS::CloudFormation::Stack               AppHosting                               Resource creation cancelled            
ROLLBACK_IN_PROGRESS                     AWS::CloudFormation::Stack               test-spa                                 The following resource(s) failed to    
                                                                                                                           create: [Auth, AppHosting]. Rollback   
                                                                                                                           requested by user.                     
DELETE_IN_PROGRESS                       AWS::CloudFormation::Stack               AppHosting                               -                                      
DELETE_IN_PROGRESS                       AWS::CloudFormation::Stack               Auth                                     -                                      
DELETE_COMPLETE                          AWS::CloudFormation::Stack               Auth                                     -                                      
DELETE_COMPLETE                          AWS::CloudFormation::Stack               AppHosting                               -                                      
ROLLBACK_COMPLETE                        AWS::CloudFormation::Stack               test-spa                                 -                                      
-----------------------------------------------------------------------------------------------------------------------------------------------------------------
Error: Failed to create/update the stack: test-spa, Waiter StackCreateComplete failed: Waiter encountered a terminal failure state: For expression "Stacks[].StackStatus" we matched expected path: "ROLLBACK_COMPLETE" at least once

final nested stacks


Ok, the nested stack template actually had a few errors in it; a test deployment on its own pointed them out, as being the main stack led to a clearer output from the sam deploy command.

BTW, I don't understand why sam validate didn't alert me, since one of the errors was actually a value type error, e.g. an 'Integer' string instead of an actual integer (copy/paste from docs without updating, my fault).

This had me thinking: what does sam validate actually validate?
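
The parent stack's events above only say that `[UserPool]` failed to create; the resource-level reason is recorded in the nested stack's own events, which CloudFormation still returns by stack ID after the rollback has deleted that stack. The following is an added example, not code from the original post, that walks from the root stack into failed nested stacks and returns the leaf failures. The sample events, placeholder ARNs, reason text and the helper names (`root_causes`, `boto3_fetcher`, `sample_fetcher`) are assumptions made for illustration.

```python
FAILED = {"CREATE_FAILED", "UPDATE_FAILED", "DELETE_FAILED"}
NESTED = "AWS::CloudFormation::Stack"

def root_causes(stack_id, fetch_events, seen=None):
    """Follow failed nested-stack resources down to the leaf resources that
    failed; returns (stack_id, logical_id, resource_type, reason) tuples."""
    seen = set() if seen is None else seen
    if not stack_id or stack_id in seen:
        return []
    seen.add(stack_id)
    causes = []
    for ev in fetch_events(stack_id):
        reason = ev.get("ResourceStatusReason", "")
        if ev["ResourceStatus"] not in FAILED or "cancelled" in reason.lower():
            continue  # skip successes and siblings cancelled by another failure
        if ev["ResourceType"] == NESTED:
            # For a nested stack, PhysicalResourceId is the child stack's ID (ARN).
            causes += root_causes(ev.get("PhysicalResourceId"), fetch_events, seen)
        else:
            causes.append((stack_id, ev["LogicalResourceId"], ev["ResourceType"], reason))
    return causes

def boto3_fetcher(region):
    import boto3  # lazy import so the logic above runs without AWS access
    pager = boto3.client("cloudformation", region_name=region).get_paginator("describe_stack_events")
    # StackName accepts a stack ID, which is required once the stack is deleted.
    return lambda sid: [e for page in pager.paginate(StackName=sid) for e in page["StackEvents"]]

def _ev(logical_id, rtype, reason, physical_id=""):
    return {"LogicalResourceId": logical_id, "ResourceType": rtype, "ResourceStatus": "CREATE_FAILED",
            "ResourceStatusReason": reason, "PhysicalResourceId": physical_id}

# Constructed sample shaped like describe-stack-events output; the account ID,
# stack IDs and the UserPool reason text are placeholders, not values from the post.
PARENT = "arn:aws:cloudformation:eu-central-1:111111111111:stack/test-spa/PLACEHOLDER-1"
AUTH = "arn:aws:cloudformation:eu-central-1:111111111111:stack/test-spa-Auth/PLACEHOLDER-2"
HOSTING = "arn:aws:cloudformation:eu-central-1:111111111111:stack/test-spa-AppHosting/PLACEHOLDER-3"
SAMPLE = {
    PARENT: [_ev("AppHosting", NESTED, "Resource creation cancelled", HOSTING),
             _ev("Auth", NESTED, "The following resource(s) failed to create: [UserPool].", AUTH)],
    AUTH: [_ev("UserPool", "AWS::Cognito::UserPool", "<constructed placeholder: property validation message>")],
}

def sample_fetcher(stack_id):
    return SAMPLE.get(stack_id, [])

if __name__ == "__main__":
    for cause in root_causes(PARENT, sample_fetcher):
        print(cause)
```

Against a live account, pass `boto3_fetcher("eu-central-1")` as `fetch_events` together with the root stack's ID.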
