Error: the specified rule "peer: sg-1234567890, ALL, ALLOW" already exists


I am encountering this error related to a Custom::VpcRestrictDefaultSG resource in my stack.

Full error message:


UPDATE_FAILED        | Custom::VpcRestrictDefaultSG          | vpcRestrictDefault...omResourceABCDEFG
Message returned: InvalidPermission.Duplicate: the specified rule "peer: sg-1234567890, ALL, ALLOW" already exists

This is also leading to UPDATE_ROLLBACK_FAILED state, with the same error message.

On console > CloudFormation, in the continue rollback options, I see the resources to skip:

  • vpcRestrictDefaultSecurityGroupCustomResourceABCDEFG (Custom::VpcRestrictDefaultSG)
  • vpcVPCGW123456 (AWS::EC2::VPCGatewayAttachment)

Please let me know how to fix the resources listed above so that I can deploy my stack.

2 Answers
  1. Identify and review the duplicate rule in the security group.
  2. Check and update the Lambda function handling the Custom::VpcRestrictDefaultSG.
  3. Verify the CloudFormation template for any misconfigurations or duplicates.
  4. Retry updating your stack after making the necessary changes.
Deeksha (AWS, EXPERT) answered a month ago

Hello, the error indicates that the security group rule you're trying to add already exists. To resolve this, first identify the security group and remove the conflicting rule, then update the CloudFormation stack with the modified template.

**Refer to this article:**

  • When you create a resource that has the same name and is set to the same value as another resource, AWS CloudFormation can't differentiate between them. You then receive the error message, "Resource already exists in stack." Each resource has a unique physical ID. You can't reuse the physical ID for most resources that are defined in CloudFormation.

https://repost.aws/knowledge-center/cloudformation-stack-resource-failure

answered a month ago
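Both answers begin with identifying the rule named in the error. As an added example (not part of either answer, and not AWS or CDK code), the Python below parses the rule text out of the `InvalidPermission.Duplicate` message and reports which security group in a DescribeSecurityGroups-shaped response already carries it. The function names and the sample data are constructed for illustration, and only the port-less `peer, protocol, action` form shown in the question is handled.

```python
import re

# Rule text quoted inside the message, e.g. "peer: sg-..., ALL, ALLOW".
# Assumption: only this port-less form from the question is parsed.
RULE_RE = re.compile(r'"peer: (?P<peer>[^,"]+), (?P<proto>[^,"]+), (?P<action>[A-Z]+)"')

def parse_duplicate_error(message):
    """Return (peer, protocol, action) from the error text, or None."""
    m = RULE_RE.search(message)
    return (m["peer"], m["proto"], m["action"]) if m else None

def find_existing_rule(response, peer, proto):
    """Return (group_id, direction) for each rule that already has this peer.

    `response` has the shape of an EC2 DescribeSecurityGroups result.
    "ALL" in the error corresponds to IpProtocol "-1" in that output.
    """
    want = "-1" if proto.upper() == "ALL" else proto.lower()
    hits = []
    for group in response.get("SecurityGroups", []):
        for direction, key in (("ingress", "IpPermissions"),
                               ("egress", "IpPermissionsEgress")):
            for perm in group.get(key, []):
                if perm.get("IpProtocol") != want:
                    continue
                peers = [p.get("GroupId") for p in perm.get("UserIdGroupPairs", [])]
                peers += [r.get("CidrIp") for r in perm.get("IpRanges", [])]
                if peer in peers:
                    hits.append((group["GroupId"], direction))
    return hits

# Error text as quoted in the question.
ERROR = ('InvalidPermission.Duplicate: the specified rule '
         '"peer: sg-1234567890, ALL, ALLOW" already exists')

# Constructed sample response; the second group id is a placeholder.
SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-1234567890", "GroupName": "default",
     "IpPermissions": [{"IpProtocol": "-1", "IpRanges": [],
                        "UserIdGroupPairs": [{"GroupId": "sg-1234567890"}]}],
     "IpPermissionsEgress": [{"IpProtocol": "-1", "UserIdGroupPairs": [],
                              "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-0placeholder", "GroupName": "app",
     "IpPermissions": [{"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
                        "UserIdGroupPairs": [{"GroupId": "sg-1234567890"}]}],
     "IpPermissionsEgress": []}]}

if __name__ == "__main__":
    peer, proto, _ = parse_duplicate_error(ERROR)
    print(find_existing_rule(SAMPLE, peer, proto))
```

To run it against a real account, load the JSON printed by `aws ec2 describe-security-groups --output json` and pass it in place of `SAMPLE`.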
