2 min read | by Jordi Prats
When provisioning cloud resources using sceptre we can endup with plenty of errors that we'll have to track down:
$ sceptre create example
Do you want to create 'example' [y/N]: y
[2023-01-26 05:18:31] - example/s3 - Creating Stack
[2023-01-26 05:18:33] - example/s3 s3 AWS::CloudFormation::Stack CREATE_IN_PROGRESS User Initiated
[2023-01-26 05:18:37] - example/s3 Bucket AWS::ServiceCatalog::CloudFormationProvisionedProduct CREATE_IN_PROGRESS
[2023-01-26 05:18:41] - example/s3 Bucket AWS::ServiceCatalog::CloudFormationProvisionedProduct CREATE_IN_PROGRESS Resource creation Initiated
[2023-01-26 05:20:15] - example/s3 Bucket AWS::ServiceCatalog::CloudFormationProvisionedProduct CREATE_COMPLETE
[2023-01-26 05:20:20] - example/s3 s3 AWS::CloudFormation::Stack CREATE_COMPLETE
[2023-01-26 05:20:24] - example/demo-policy - Creating Stack
[2023-01-26 05:20:25] - example/demo-policy demo-policy AWS::CloudFormation::Stack CREATE_IN_PROGRESS User Initiated
[2023-01-26 05:20:29] - example/demo-policy IAMPolicy AWS::ServiceCatalog::CloudFormationProvisionedProduct CREATE_IN_PROGRESS
[2023-01-26 05:20:33] - example/demo-policy IAMPolicy AWS::ServiceCatalog::CloudFormationProvisionedProduct CREATE_FAILED Resource handler returned message: "Invalid request provided: AWS::ServiceCatalog::CloudFormationProvisionedProduct" (RequestToken: 4580f5a3-bec2-72cc-5f9f-abad3792e57a, HandlerErrorCode: InvalidRequest)
[2023-01-26 09:20:33] - example/demo-policy demo-policy AWS::CloudFormation::Stack ROLLBACK_IN_PROGRESS The following resource(s) failed to create: [IAMPolicy]. Rollback requested by user.
[2023-01-26 05:23:12] - example/demo-policy IAMPolicy AWS::ServiceCatalog::CloudFormationProvisionedProduct DELETE_COMPLETE
[2023-01-26 05:23:12] - example/demo-policy demo-policy AWS::CloudFormation::Stack ROLLBACK_COMPLETE
In this case we are getting an error that doesn't tell us much, we'll have to dig into CloudTrail:
{
"eventVersion": "1.08",
(...)
"eventSource": "servicecatalog.amazonaws.com",
"eventName": "ProvisionProduct",
"awsRegion": "us-west-2",
"sourceIPAddress": "cloudformation.amazonaws.com",
"userAgent": "cloudformation.amazonaws.com",
"errorCode": "InvalidParametersException",
"errorMessage": "A stack named iam-policy-example already exists.",
(...)
}
The error A stack named iam-policy-example already exists means exactly that, we are trying to instantiate an object that already exists. We'll need to look at the templates and make sure that the ProvisionedProductName is not a fixed string, otherwise we'll only be able to instantiate it once:
AWSTemplateFormatVersion: 2010-09-09
Description: Deploy the IAM Policy
Parameters:
(...)
Resources:
IAMPolicy:
Type: AWS::ServiceCatalog::CloudFormationProvisionedProduct
Properties:
ProductName: IAMPolicy
ProvisioningArtifactName: 0.0.1
ProvisionedProductName: iam-policy-example
ProvisioningParameters:
(...)
We can use **!Ref to append a suffix or a prefix to the name so we can create multiple instances of this template:
AWSTemplateFormatVersion: 2010-09-09
Description: Deploy the IAM Policy
Parameters:
(...)
Resources:
IAMPolicy:
Type: AWS::ServiceCatalog::CloudFormationProvisionedProduct
Properties:
ProductName: IAMPolicy
ProvisioningArtifactName: 0.0.1
ProvisionedProductName: !Sub ${PolicyName}-iam-policy
ProvisioningParameters:
(...)
Posted on 16/03/2023