I'm trying to delete my EC2 instances which I believe were created when I used Amplify for my authentication. But everytime I delete my EC2 instance, it spawns another instance. I research and I found out that if it was created using ELB, then I should delete that ELB instance first. So that's what I tried to do, delete the ELB instance. But even that causes an error and won't delete my ELB instance
Now I am stuck, and I am being billed by AWS because of these running instances that I am not able to delete. Please advse,
ERROR
Stack deletion failed: The following resource(s) failed to delete:
[AWSEBSecurityGroup, AWSEBRDSDatabase, AWSEBLoadBalancerSecurityGroup].
ERROR
Deleting security group named: <...>
failed Reason: resource <...> has a dependent object (Service: AmazonEC2;
Status Code: 400;
Error Code: DependencyViolation;
Request ID: <...>;
Proxy: null)
ERROR
Deleting security group named: <...>-stack-AWSEBSecurityGroup-<...>
failed Reason: resource <...> has a dependent object (Service: AmazonEC2;
Status Code: 400;
Error Code: DependencyViolation;
Request ID: <...>;
Proxy: null)
Is it because I deleted the RDS first before deleting the ELB?
Instances in Elastic Beanstalk run in Autoscaling Group. That's why it spans new ones when you delete them.
You should delete your EB environment. This will take care of deleting the autoscaling group with the instance.
Related
I am trying to create a rds aurora global database with autoscaling enabled based on CPU threshold but when I try to destroy the autoscaled instances that are not deleted by terraform is this a bug? Is there a workaround or am I missing something?
I used this module https://github.com/umotif-public/terraform-aws-rds-aurora/blob/master/main.tf
line 391 create auto-scaling of aurora rds
But the autoscaled instance state is not maintained by terraform and deleting the autoscale resource didn't work
Error message: Error: error deleting RDS Cluster InvalidDBClusterStateFault: Cluster cannot be deleted, it still contains DB instances in non-deleting state. status code: 400, request id: b62f33ee-57d8-4887-9cad-3cbf6229b4ac
Error: Error deleting DB parameter group: InvalidDBParameterGroupState: One or more database instances are still members of this parameter group my-parameter-group, so the group cannot be deleted status code: 400, request id: 8a501e66-39e5-4365-ba33-7667894b9cf6
The only way I have done this is by manually deleting it before executing the command from terraform, but it does not make sense
I've successfully created an EKS cluster and some other resources via a terraform script. However, I am unable to successfully complete the terraform destroy. I get the following error upon deletion of EKS cluster:
Error: error deleting EKS Cluster (cluster-name): AccessDeniedException:
status code: 403, request id: request-uuid
Any ideas?
The role I'm using needs to allow the eks:DeleteCluster operation in its policy.
I used to deploy a Java web application to Elastic Beanstalk (EC2) as root user without this problem. Now I'm using a recommended way of deploying as IAM service user and I get the following errors. I suspect it's because of lack of permissions (policies) but I don't know what policies should I assign to the IAM user.
QUESTION: Could you help me in finding the right policies?
commands:
eb init --profile eb_admin
eb create --single
output of the 2nd command:
Printing Status:
2019-05-26 12:08:58 INFO createEnvironment is starting.
2019-05-26 12:08:59 INFO Using elasticbeanstalk-eu-central-1-726173845157 as Amazon S3 storage bucket for environment data.
2019-05-26 12:09:26 INFO Created security group named: awseb-e-ire9qdzahd-stack-AWSEBSecurityGroup-L5VUAQLDAA9F
2019-05-26 12:09:42 ERROR Stack named 'awseb-e-ire9qdzahd-stack' aborted operation. Current state: 'CREATE_FAILED' Reason: The following resource(s) failed to create: [MountTargetSecurityGroup, AWSEBEIP, sslSecurityGroupIngress, FileSystem].
2019-05-26 12:09:42 ERROR Creating security group failed Reason: The vpc ID 'vpc-7166611a' does not exist (Service: AmazonEC2; Status Code: 400; Error Code: InvalidVpcID.NotFound; Request ID: c1d0ce4d-830d-4b0c-9f84-85d8da4f7243)
2019-05-26 12:09:42 ERROR Creating EIP: 54.93.84.166 failed. Reason: Resource creation cancelled
2019-05-26 12:09:42 ERROR Creating security group ingress named: sslSecurityGroupIngress failed Reason: Resource creation cancelled
2019-05-26 12:09:44 INFO Launched environment: stack-overflow-dev. However, there were issues during launch. See event log for details.
Important!
I use a few .ebextensions scripts in order to initialize the environment:
nginx
https-instance-securitygroup
storage-efs-createfilesystem
storage-efs-mountfilesystem
After reviewing the logs, I also noticed that I forgot to create VPC which is required for EFS filesystem. Could it be that 1 failed script (storage-efs-createfilesystem) is the root cause of subsequent failing operations?
Yes, the lack of VPC has caused the other resources to fail to create. Elastic Beanstalk and the storage-efs-createfilesystem extension use CloudFormation underneath.
storage-efs-createfilesystem Cfn template creates MountTargetSecurityGroup SG and that failed due to lack of VPC. The AWSEBEIP, sslSecurityGroupIngress and FileSystem resource creation is then cancelled.
I am unable to delete a RDS instance in my account.
The error message shows:
IAM Database Authentication is enabled in the DB Instance but it is not supported for the new configuration from the request. (Service: AmazonRDS; Status Code: 400; Error Code: InvalidParameterCombination; Request ID: 332fe09b-d6a0-47c8-84bc-d1f6881f34d2)
Have you tried disabling IAM Authentication before deleting the instance?
I have an identity TVM on Amazon Elastic Beanstalk that when I try to start it gives
014-07-07 15:29:46 UTC+0100 ERROR Stack named 'awseb-e-ybrpewdr7z-stack' aborted operation. Current state: 'CREATE_FAILED' Reason: The following resource(s) failed to create: AWSEBInstanceLaunchWaitCondition. (Service: AmazonCloudFormation; Status Code: 400; Error Code: OperationError; Request ID: null)
Now If I go to logs and click snapshot logs all that happens is it waits for a while showing processing but then I get no logs showing up. Does anyone please have an idea what the problem is so I can see either the logs and/or sort the startup problem?
This was security issue.
Amazon ECB uses a VPC, now that may already be running especially if a RDB has been created first. Now the groups on the EB instance can show acces rights reuired. But the VPC has an underlying security ACL that is not group based. When a RDB is created first that initially created the VPC the VPC instance gets the rights just to access the DB, so will not allow for example HTTP traffic through this cannot get to the EB to set it up.