Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

cloudformation stuck cleaning up function url

0

stack status is UPDATE_ROLLBACK_COMPLETE_CLEANUP_IN_PROGRESS since 30 hours. it is a standalone stack, and it has no custom resources.

previously a change set failed, and the newly created lambda function and a lambda function url needed to be deleted during cleanup. for unknown reasons, the url deletion failed. however, CF proceeded with deleting the function to which the url belongs. then a repeated delete attempt also failed.

the lambda function url was (intended to be) attached to a cloudfront distribution as origin. it didn't happen though, because the template contained errors.

last relevant events:

2023-03-20 17:54:52 UTC+0100	LambdaOriginAuthParseUrl DELETE_FAILED  Internal Failure
2023-03-20 17:54:51 UTC+0100	LambdaOriginAuthParseUrl DELETE_IN_PROGRESS 	-
2023-03-20 17:54:59 UTC+0100	LambdaOriginAuthParse DELETE_COMPLETE -
2023-03-20 17:54:53 UTC+0100	LambdaOriginAuthParse DELETE_IN_PROGRESS -
2023-03-20 17:58:01 UTC+0100	LambdaOriginAuthParseUrl DELETE_FAILED 	Internal Failure
2023-03-20 17:58:00 UTC+0100	LambdaOriginAuthParseUrl DELETE_IN_PROGRESS	-

in this time interval, CloudTrail logs contain NO record of any Url deletion attempts. there are a bunch of other modifications done by CF, but the only activity related to this function is:

2023-03-20T16:54:54Z	lambda.amazonaws.com	DeleteFunction20150331

which coincides the function deletion. before that time code, the function is not modified in any way, according to CloudTrail.

the resource is now in CREATE_COMPLETE state. the function itself is not in the resource list, it has been deleted.

LambdaOriginAuthParseUrl	arn:aws:lambda:us-east-1:<redacted>:function:knowledgebase-LambdaOriginAuthParse-HkGjunQNhg7B	AWS::Lambda::Url  CREATE_COMPLETE	-

at this point, the stack refuses the following CLI actions:

  • cancel-update-stack
  • continue-update-rollback
  • continue-update-rollback --resources-to-skip
  • delete-stack
  • delete-stack --retain-resources
  • deploy
  • detect-stack-drift
  • rollback-stack
  • signal-resource
  • update-stack

the error message is, in every case, indicates that the operation is not available in this state. note that delete-task is also not available.

Tópicos
Sem servidorComputaçãoGestão e governança
Tags
AWS LambdaAWS CloudFormation
Idioma
English
Krisztian Pinter
feita há um ano253 visualizações
1 Resposta
0

amazing. after exactly 48 hours (to the second), the status changed to update failed, and the stack is back to normal. almost.

the template at this point doesn't contain the offending function nor its url. the resource list still contains the url, but not the function. drift detection detects the missing asset. creating a change set will not show the url as to be deleted. executing the change set will not delete the url.

Krisztian Pinter
respondido há um ano

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante