Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CfnThingGroup: Destroying stack fails #26533

Closed
raziza opened this issue Jul 27, 2023 · 13 comments
Closed

CfnThingGroup: Destroying stack fails #26533

raziza opened this issue Jul 27, 2023 · 13 comments
Labels
bug This issue is a bug. package/tools Related to AWS CDK Tools or CLI

Comments

@raziza
Copy link

raziza commented Jul 27, 2023

Describe the bug

Deploying a stack with a single thing group. Works properly.. cdk destroy fails with the message below

Resource handler returned message: "null" (RequestToken: 4103ff57-7367-a549-4eee-a6f7f85be822, HandlerErrorCode: InternalFailure)

Expected Behavior

To see the thing group deleted and not having error

Current Behavior

Stack is not being removed due to failure of removing the thing group

Reproduction Steps

Deploying and destroying the same stack which has single resource of type CfnThingGroup

Possible Solution

No response

Additional Information/Context

No response

CDK CLI Version

2.88.0

Framework Version

2.88.0

Node.js Version

16.13.1

OS

Win 10

Language

Java

Language Version

No response

Other information

No response
@raziza raziza added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Jul 27, 2023
@github-actions github-actions bot added the package/tools Related to AWS CDK Tools or CLI label Jul 27, 2023
@peterwoodworth
Copy link
Contributor

Well, it looks like the service is throwing this error for some reason. Could you please share the code you deployed? Additionally, can you show the command you ran and the full error message posted? How far in the destroy command did it get before throwing this error?

@peterwoodworth peterwoodworth added response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. and removed needs-triage This issue or PR still needs to be triaged. labels Jul 27, 2023
@github-actions
Copy link

This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.

@github-actions github-actions bot added the closing-soon This issue will automatically close in 4 days unless further comments are made. label Jul 29, 2023
@raziza
Copy link
Author

raziza commented Jul 30, 2023
edited
Loading

Here is the line of code that adds the Thing group to my template

CfnThingGroup.Builder.create(this, "agentsiotgroupThingsepmAgents") .thingGroupName("agents-iot-groupThings-epmAgents") .build();

the command is a usual cdk deploy which runs my application and deploying it.. At the moment I'm using AwsCustomResource to do so. and recently I've found out that a native support for ThingGroup was added so I've changed it. What I'm trying to say is that my cdk is being deployed and destroyed for 6 months already - so nothing is wrong (I think) in the way I'm running things..

For destroying I'm using cdk destroy or even through the cloud formation delete it is fails.

The complete error message is here:

agents-service-cdkepm-devraz2: destroying... [1/1]
agents-service-cdkepm-devraz2 |   0 | 8:33:52 AM | DELETE_IN_PROGRESS   | AWS::IoT::ThingGroup | agentsiotgroupThingsepmAgents 
agents-service-cdkepm-devraz2 |   0 | 8:33:53 AM | DELETE_FAILED        | AWS::IoT::ThingGroup | agentsiotgroupThingsepmAgents Resource handler returned message: "null" (RequestToken: e9f625cc-480c-c769-2f5c-d9b2fb17f74c, HandlerErrorCode: InternalFailure)
agents-service-cdkepm-devraz2 |   0 | 8:33:53 AM | DELETE_FAILED        | AWS::CloudFormation::Stack | agents-service-cdkepm-devraz2 The following resource(s) failed to delete: [agentsiotgroupThingsepmAgents]. 

Failed resources:
agents-service-cdkepm-devraz2 | 8:33:53 AM | DELETE_FAILED        | AWS::IoT::ThingGroup | agentsiotgroupThingsepmAgents Resource handler returned message: "null" (RequestToken: e9f625cc-480c-c769-2f5c-d9b2fb17f74c, HandlerErrorCode: InternalFailure)

agents-service-cdkepm-devraz2: destroy failed Error: The stack named agents-service-cdkepm-devraz2 is in a failed state. You may need to delete it from the AWS console : DELETE_FAILED (The following resource(s) failed to delete: [agentsiotgroupThingsepmAgents]. ): Resource handler returned message: "null" (RequestToken: e9f625cc-480c-c769-2f5c-d9b2fb17f74c, HandlerErrorCode: InternalFailure)
    at destroyStack (C:\Users\rotzkerehlers\AppData\Roaming\npm\node_modules\aws-cdk\lib\index.js:426:1796)
    at processTicksAndRejections (node:internal/process/task_queues:96:5)
    at async CdkToolkit.destroy (C:\Users\rotzkerehlers\AppData\Roaming\npm\node_modules\aws-cdk\lib\index.js:429:161194)
    at async exec4 (C:\Users\rotzkerehlers\AppData\Roaming\npm\node_modules\aws-cdk\lib\index.js:504:52657)

The stack named agents-service-cdkepm-devraz2 is in a failed state. You may need to delete it from the AWS console : DELETE_FAILED (The following resource(s) failed to delete: [agentsiotgroupThingsepmAgents]. ): Resource handler returned message: "null" (RequestToken: e9f625cc-480c-c769-2f5c-d9b2fb17f74c, HandlerErrorCode: InternalFailure)


> Task :cdkDestroy FAILED

@github-actions github-actions bot removed closing-soon This issue will automatically close in 4 days unless further comments are made. response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. labels Jul 30, 2023
@github-actions github-actions bot mentioned this issue Aug 1, 2023
Closed
@peterwoodworth
Copy link
Contributor

Looks like a service error, please delete the stack manually from the console, this isn't uncommon to have to do

@peterwoodworth peterwoodworth added the response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. label Aug 3, 2023
@raziza
Copy link
Author

raziza commented Aug 3, 2023

It is not a problem to delete it manually.. the problem is that our test automation deploying the stack, doing the tests and destroying it. And every PR or commit to PR the cdk is being deployed again under random name to have a clear AWS resources such as sqs queues, iot stuff and more.. so in the end we have many stacks and many resources left in AWS..

@peterwoodworth
Copy link
Contributor

Can you please share the code which you are deploying -> deleting?

@peterwoodworth peterwoodworth added response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. and removed response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. labels Aug 3, 2023
@github-actions
Copy link

github-actions bot commented Aug 5, 2023

This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.

@github-actions github-actions bot added the closing-soon This issue will automatically close in 4 days unless further comments are made. label Aug 5, 2023
@raziza
Copy link
Author

raziza commented Aug 6, 2023

Can you please share the code which you are deploying -> deleting?

The entire code will be a problem.. But as I wrote before. It is a simple CDK application. created using cdk init app --language java and the row for adding the thing group is CfnThingGroup.Builder.create(this, "mythinggroup") .thingGroupName("my-thing-group") .build();. Then i simply run cdk deploy/destroy from the command line

@github-actions github-actions bot removed closing-soon This issue will automatically close in 4 days unless further comments are made. response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. labels Aug 6, 2023
@peterwoodworth
Copy link
Contributor

If we don't have the information to reproduce this then we can't help @raziza. It's likely some configuration or service error though since this is just an L1 resource, which we wouldn't be able to help with aside from directing you to here

@peterwoodworth peterwoodworth added the response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. label Aug 7, 2023
@raziza
Copy link
Author

raziza commented Aug 8, 2023

hi, I've developed a side project to share with you and it worked there. The only difference is the bootstrap which lead to the execution policy. Our bootstrap has a restricted execution policy, although we have there create/delete/updatething group on all thinggroup resources - it fails - with the null message as wrote before.. So for the test I allowed all Iot actions "iot:*" and it is working now. No entry in the cloud trail or any other documentation about some other permissions.. So I guess I have a try and error session in front of me. unless you can direct me to the right one ?

@raziza
Copy link
Author

raziza commented Aug 8, 2023

Ok. I've found the missing permission - and it is "iot:DescribeThingGroup".. I didn't find any documentation about it nowhere..
So few things to fix in my opnion:

  1. Better AWS documentation
  2. Better error message on failure
  3. CloudTrail entry on failure

Thanks for the help!!

@github-actions github-actions bot removed the response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 7 days. label Aug 8, 2023
@peterwoodworth
Copy link
Contributor

peterwoodworth commented Aug 8, 2023
edited
Loading

We don't handle the docs, error, or cloudtrail here - we just copy CloudFormation's model and docs. If you have docs improvements please give suggestions on the pages you have suggestions for, or reach out to the coverage roadmap to ask CloudFormation directly for anything else

@github-actions
Copy link

github-actions bot commented Aug 8, 2023

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug This issue is a bug. package/tools Related to AWS CDK Tools or CLI
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@raziza @peterwoodworth