Amplify add new env failure with error : HostedUIProvidersCustomResourceInputs Custom::LambdaCallout

[bishonbopanna]

Before opening, please confirm:

• I have installed the latest version of the Amplify CLI (see above), and confirmed that the issue still persists.
• I have searched for duplicate or closed issues.
• I have read the guide for submitting bug reports.
• I have done my best to include a minimal, self-contained set of instructions for consistently reproducing the issue.

How did you install the Amplify CLI?

yarn

If applicable, what version of Node.js are you using?

v15.12.0

Amplify CLI Version

4.45.2

What operating system are you using?

Mac

Amplify Categories

auth, storage, api, hosting

Amplify Commands

env, publish

Describe the bug

I am trying to add new env for the amplify backend and am getting the below error. :

CREATE_FAILED      HostedUIProvidersCustomResourceInputs Custom::LambdaCallout Mon Mar 22 2021 19:33:12 GMT-0400 (Eastern Daylight Time) Failed to create resource. See the details in CloudWatch Log Stream: 2021/03/22/[$LATEST]6ad1186de94e49099861fa96da2816b4
CREATE_IN_PROGRESS HostedUIProvidersCustomResourceInputs Custom::LambdaCallout Mon Mar 22 2021 19:33:12 GMT-0400 (Eastern Daylight Time) Resource creation Initiated
CREATE_IN_PROGRESS HostedUICustomResourceInputs          Custom::LambdaCallout Mon Mar 22 2021 19:33:12 GMT-0400 (Eastern Daylight Time) Resource creation Initiated
CREATE_COMPLETE    UserPoolClientInputs                  Custom::LambdaCallout Mon Mar 22 2021 19:33:11 GMT-0400 (Eastern Daylight Time)
CREATE_IN_PROGRESS UserPoolClientInputs                  Custom::LambdaCallout Mon Mar 22 2021 19:33:10 GMT-0400 (Eastern Daylight Time) Resource creation Initiated
⠇ Updating resources in the cloud. This may take a few minutes...

CREATE_FAILED amplify-someapplication-envtwo-192949-authsomeapplication10ec9a3f-N3HNQXJZ0DNP AWS::CloudFormation::Stack Mon Mar 22 2021 19:33:14 GMT-0400 (Eastern Daylight Time) The following resource(s) failed to create: [HostedUIProvidersCustomResourceInputs].
⠦ Updating resources in the cloud. This may take a few minutes...

UPDATE_ROLLBACK_IN_PROGRESS amplify-someapplication-envtwo-192949 AWS::CloudFormation::Stack Mon Mar 22 2021 19:33:29 GMT-0400 (Eastern Daylight Time) The following resource(s) failed to create: [hostingS3AndCloudFront, authsomeapplication10ec9a3f].
CREATE_FAILED               hostingS3AndCloudFront               AWS::CloudFormation::Stack Mon Mar 22 2021 19:33:29 GMT-0400 (Eastern Daylight Time) Resource creation cancelled
CREATE_FAILED               authsomeapplication10ec9a3f               AWS::CloudFormation::Stack Mon Mar 22 2021 19:33:28 GMT-0400 (Eastern Daylight Time) Embedded stack arn:aws:cloudformation:us-east-1:239888062377:stack/amplify-someapplication-envtwo-192949-authsomeapplication10ec9a3f-N3HNQXJZ0DNP/bcf0b9f0-8b66-11eb-b644-0a8082d84415 was not successfully created: The following resource(s) failed to create: [HostedUIProvidersCustomResourceInputs].

From Log stream :

2021-03-22T23:33:10.456Z	f141c0f0-b781-433a-bdcd-aa5122b4cb5d	INFO	Response body:
 
{
    "Status": "FAILED",
    "Reason": "See the details in CloudWatch Log Stream: 2021/03/22/[$LATEST]6ad1186de94e49099861fa96da2816b4",
    "PhysicalResourceId": "2021/03/22/[$LATEST]6ad1186de94e49099861fa96da2816b4",
    "StackId": "arn:aws:cloudformation:us-east-1:[ACCOUNT_NUMBER]:stack/amplify-someapplication-envtwo-192949-authsomeapplication10ec9a3f-N3HNQXJZ0DNP/bcf0b9f0-8b66-11eb-b644-0a8082d84415",
    "RequestId": "5b4f5ad6-5342-4bd7-8984-638cdf17bdf1",
    "LogicalResourceId": "HostedUIProvidersCustomResourceInputs",
    "NoEcho": false,
    "Data": {
        "err": {
            "message": "client_id, client_secret and authorize_scopes are all required idp details.",
            "code": "InvalidParameterException",
            "time": "2021-03-22T23:33:10.414Z",
            "requestId": "b5cef6fd-40d0-474a-9005-84cacf7c8f51",
            "statusCode": 400,
            "retryable": false,
            "retryDelay": 87.55256440291616
        }
    }
}

Expected behavior

New amplify env should be added without issues

Reproduction steps

1. Amplify init
2. Add amplify env with below services

Current Environment: envone

| Category | Resource name      | Operation | Provider plugin   |
| -------- | ------------------ | --------- | ----------------- |
| Auth     | somename00000000 | Create    | awscloudformation |
| Storage  | somenamestorage  | Create    | awscloudformation |
| Api      | somenamegraphql  | Create    | awscloudformation |
| Hosting  | somename    | Create    | awscloudformation |

3. amplify push
4. amplify publish -c

----------- ALL WELL TILL HERE ------------

5. amplify env add
   << choose the aws profile of the account from another organization>>

Current Environment: envtwo

| Category | Resource name      | Operation | Provider plugin   |
| -------- | ------------------ | --------- | ----------------- |
| Auth     | somename00000000 | Create    | awscloudformation |
| Storage  | somenamestorage  | Create    | awscloudformation |
| Api      | somenamegraphql  | Create    | awscloudformation |
| Hosting  | somename    | Create    | awscloudformation |

6. amplify push gives this error :

ISSUE # 1 :

CREATE_FAILED      HostedUIProvidersCustomResourceInputs Custom::LambdaCallout Mon Mar 22 2021 19:33:12 GMT-0400 (Eastern Daylight Time) Failed to create resource. See the details in CloudWatch Log Stream: 2021/03/22/[$LATEST]6ad1186de94e49099861fa96da2816b4

From Log stream :

2021-03-22T23:33:10.456Z f141c0f0-b781-433a-bdcd-aa5122b4cb5d INFO Response body:

{
    "Status": "FAILED",
    "Reason": "See the details in CloudWatch Log Stream: 2021/03/22/[$LATEST]6ad1186de94e49099861fa96da2816b4",
    "PhysicalResourceId": "2021/03/22/[$LATEST]6ad1186de94e49099861fa96da2816b4",
    "StackId": "arn:aws:cloudformation:us-east-1:[ACCOUNT_NUMBER]:stack/amplify-someapplication-envtwo-192949-authsomeapplication10ec9a3f-N3HNQXJZ0DNP/bcf0b9f0-8b66-11eb-b644-0a8082d84415",
    "RequestId": "5b4f5ad6-5342-4bd7-8984-638cdf17bdf1",
    "LogicalResourceId": "HostedUIProvidersCustomResourceInputs",
    "NoEcho": false,
    "Data": {
        "err": {
            "message": "client_id, client_secret and authorize_scopes are all required idp details.",
            "code": "InvalidParameterException",
            "time": "2021-03-22T23:33:10.414Z",
            "requestId": "b5cef6fd-40d0-474a-9005-84cacf7c8f51",
            "statusCode": 400,
            "retryable": false,
            "retryDelay": 87.55256440291616
        }
    }
}

7. ISSUE # 2. : After this, canNOT even remove this env locally !!!!!

amplify env remove envtwo                                                                                                                                                     

? Are you sure you want to continue? This CANNOT be undone. (This will delete 'envtwo' environment of the project from the cloud) Yes
⠋ Deleting resources from the cloud. This may take a few minutes...
Deleting env:envtwo
⠧ Deleting resources from the cloud. This may take a few minutes...
Error in deleting env:envtwo
null
✖ remove env failed: null
Forbidden:
    at Request.extractError (/usr/local/lib/node_modules/@aws-amplify/cli/node_modules/aws-sdk/lib/services/s3.js:692:35)
    at Request.callListeners (/usr/local/lib/node_modules/@aws-amplify/cli/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
    at Request.emit (/usr/local/lib/node_modules/@aws-amplify/cli/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/usr/local/lib/node_modules/@aws-amplify/cli/node_modules/aws-sdk/lib/request.js:688:14)
    at Request.transition (/usr/local/lib/node_modules/@aws-amplify/cli/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/usr/local/lib/node_modules/@aws-amplify/cli/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /usr/local/lib/node_modules/@aws-amplify/cli/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/usr/local/lib/node_modules/@aws-amplify/cli/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/usr/local/lib/node_modules/@aws-amplify/cli/node_modules/aws-sdk/lib/request.js:690:12)
    at Request.callListeners (/usr/local/lib/node_modules/@aws-amplify/cli/node_modules/aws-sdk/lib/sequential_executor.js:116:18)
    at Request.emit (/usr/local/lib/node_modules/@aws-amplify/cli/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/usr/local/lib/node_modules/@aws-amplify/cli/node_modules/aws-sdk/lib/request.js:688:14)
    at Request.transition (/usr/local/lib/node_modules/@aws-amplify/cli/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/usr/local/lib/node_modules/@aws-amplify/cli/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /usr/local/lib/node_modules/@aws-amplify/cli/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/usr/local/lib/node_modules/@aws-amplify/cli/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/usr/local/lib/node_modules/@aws-amplify/cli/node_modules/aws-sdk/lib/request.js:690:12)
    at Request.callListeners (/usr/local/lib/node_modules/@aws-amplify/cli/node_modules/aws-sdk/lib/sequential_executor.js:116:18)
    at callNextListener (/usr/local/lib/node_modules/@aws-amplify/cli/node_modules/aws-sdk/lib/sequential_executor.js:96:12)
    at IncomingMessage.onEnd (/usr/local/lib/node_modules/@aws-amplify/cli/node_modules/aws-sdk/lib/event_listeners.js:313:13)
    at IncomingMessage.emit (node:events:381:22)
    at IncomingMessage.emit (node:domain:470:12)
    at endReadableNT (node:internal/streams/readable:1307:12)
    at processTicksAndRejections (node:internal/process/task_queues:81:21)

GraphQL schema(s)

# Put schemas below this line

Log output

From Log stream :
2021-03-22T23:33:10.456Z	f141c0f0-b781-433a-bdcd-aa5122b4cb5d	INFO	Response body:
 
{
    "Status": "FAILED",
    "Reason": "See the details in CloudWatch Log Stream: 2021/03/22/[$LATEST]6ad1186de94e49099861fa96da2816b4",
    "PhysicalResourceId": "2021/03/22/[$LATEST]6ad1186de94e49099861fa96da2816b4",
    "StackId": "arn:aws:cloudformation:us-east-1:[ACCOUNT_NUMBER]:stack/amplify-someapplication-envtwo-192949-authsomeapplication10ec9a3f-N3HNQXJZ0DNP/bcf0b9f0-8b66-11eb-b644-0a8082d84415",
    "RequestId": "5b4f5ad6-5342-4bd7-8984-638cdf17bdf1",
    "LogicalResourceId": "HostedUIProvidersCustomResourceInputs",
    "NoEcho": false,
    "Data": {
        "err": {
            "message": "client_id, client_secret and authorize_scopes are all required idp details.",
            "code": "InvalidParameterException",
            "time": "2021-03-22T23:33:10.414Z",
            "requestId": "b5cef6fd-40d0-474a-9005-84cacf7c8f51",
            "statusCode": 400,
            "retryable": false,
            "retryDelay": 87.55256440291616
        }
    }
}

[kaustavghosh06]

When you add a new env, did you get a question around entering your client id and client secrets for the auth resource in your nw environment?

[bishonbopanna]

@kaustavghosh06 - Nope - NOT prompted, any other info needed ?

[ammarkarachi]

@bishonbopanna Can you update your credentials by running amplify update auth to get you unblocked while we are working on the resolution

[kaustavghosh06]

@bishonbopanna Specifically you can go through the following flow to unblock yourself while we push out a fix for this:

kaustavg@3c22fb229ff6 authbug % amplify update auth
Please note that certain attributes may not be overwritten if you choose to use defaults settings.
Using service: Cognito, provided by: awscloudformation
 What do you want to do? Update OAuth social providers
 Select the identity providers you want to configure for your user pool: Facebook
  
 You've opted to allow users to authenticate via Facebook.  If you haven't already, you'll need to go to https://developers.facebook.com and create an App ID. 
 
 Enter your Facebook App ID for your OAuth flow:  yourappid
 Enter your Facebook App Secret for your OAuth flow: yoursecret
Successfully updated auth resource authbugb417c8b2 locally

[bishonbopanna]

@ammarkarachi , @kaustavghosh06 - thankyou, the workaround did the job. Any recommendation on removing the failed envs as per issue # 2 ?

[kaustavghosh06]

@bishonbopanna The #2 issue seems unrelated to auth and seems like its tied to the creds used. If you update the aws profile of the current env to that of envtwo and then try removing envtwo, you should be able to get around it.

[kaustavghosh06]

@bishonbopanna We've released a fix for the issue with add auth -> push which was your original issue. Closing this issue.

[bishonbopanna]

thanks @kaustavghosh06 - how to get the fix ? Is there a need to pull the latest version ? also issue # 2 is not resolved as per your recommendation - Please let me know if you need any other info.

[kaustavghosh06]

@bishonbopanna #2 happens due to wrong access/creds. What does your amplify/.config/local-aws-info.json look like? Did you make the necessary changes based on my recommendation above?
You need the latest version of the CLI to get a fix for #1 although at this point I believe you're past that issue based on the workaround provided yesterday,

[bishonbopanna]

thanks @kaustavghosh06, will pull the latest, yes work around is in use.

Yes I did as per your recommendation. here are the contents

  "envone": {
    "configLevel": "project",
    "useProfile": true,
    "profileName": "something-beta-env"
  },
  "envtwo": {
    "configLevel": "project",
    "useProfile": true,
    "profileName": "something-beta-env"
  },
  "envthree": {
    "configLevel": "project",
    "useProfile": true,
    "profileName": "something-us-east-1"
  }
}

[kaustavghosh06]

@bishonbopanna Are you trying to remove envone from evntwo or envthree?

[bishonbopanna]

@kaustavghosh06 - envtwo, also i have currently checkedout envone which uses the same credentials as envtwo.

This time i get a different error -

⠋ Deleting resources from the cloud. This may take a few minutes...
Deleting env:envtwo
⠋ Deleting resources from the cloud. This may take a few minutes...Stack has already been deleted or does not exist
⠏ Deleting resources from the cloud. This may take a few minutes...
Error in deleting env:envtwo
BackendEnvironment envtwo does not exist.
✖ remove env failed: BackendEnvironment envtwo does not exist.
BackendEnvironment envtwo does not exist.
NotFoundException: BackendEnvironment envtwo does not exist.

[kaustavghosh06]

Okay, so the CloudFormation stack has already deleted and the corresponding resources are deleted along with he Amplify backend environment in the console. You would need to remove the environment from environment from the "team-provider-info.json` file locally to get rid of it from showing locally.

[bishonbopanna]

ok will do, thanks again @kaustavghosh06

[NimaSoroush]

I have the exact same problem and I did what you recommended @kaustavghosh06 but I'm still having the same problem. I Have Facebook and Google integrated to Cognito and I updated both through amplify update auth followed by amplify push and I'm getting the same error. Any idea what would be the problem?
I also installed the lates version of CLI @aws-amplify/cli@4.46.1

[github-actions]

This issue has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs.

Looking for a help forum? We recommend joining the Amplify Community Discord server *-help channels for those types of questions.