CloudFormation Template Issue when launching WordPress - amazon-web-services

I am trying to use CloudFormation for a WordPress site. I am using the template provided by AWS, and 3/4 of the way through I get an error that terminates the process:
12:39:17 UTC-0400 ROLLBACK_IN_PROGRESS AWS::CloudFormation::Stack MyProdWPSite The following resource(s) failed to create: [WebServerGroup]. . Rollback requested by user.
Physical ID:arn:aws:cloudformation:us-west-2:085664598559:stack/MyProdWPSite/955a5660-6b0a-11e7-a813-503aca41a061
Client Request Token:Console-CreateStack-6768960d-41f1-4d9b-b641-b8220af0e895
12:39:16 UTC-0400 CREATE_FAILED AWS::AutoScaling::AutoScalingGroup WebServerGroup Received 0 SUCCESS signal(s) out of 1. Unable to satisfy 100% MinSuccessfulInstancesPercent requirement
Physical ID:MyProdWPSite-WebServerGroup-1DXD0NN8C0R00
Client Request Token:Console-CreateStack-6768960d-41f1-4d9b-b641-b8220af0e895
How can I solve this issue?

Related

Failed to deploy: Automatic rollback disabled for this deployment

I am trying to run "Deploy multiple machine learning models for inference on AWS Lambda and Amazon EFS". I have done all the steps correctly; however, when I use the sam build --use-container command, I run into a memory error.
In order to solve this problem I resized the EBS volume manually to 30 GiB, and I used the sam build --debug --use-container command because I realized that Cloud9 and my runtime had different versions of Python.
After much research and trying I was able to build it successfully. But, when I went to deploy, using the command sam deploy --guided, I got the following:
CREATE_FAILED AWS::Lambda::Function MLModelUploadFunction Resource handler returned message:
"'MemorySize' value failed to
satisfy constraint: Member must
have value less than or equal to
3008 (Service: Lambda, Status Code:
400, Request ID: 3503cc50-aa63-45ca
-837a-e66085f8e215)" (RequestToken:
c2277c5f-0fa3-cd7f-df01-6c7e19d1ad0
a, HandlerErrorCode:
InvalidRequest)
CREATE_FAILED AWS::EC2::NatGateway NatGatewayA Resource creation cancelled
ROLLBACK_IN_PROGRESS AWS::CloudFormation::Stack sam4-app The following resource(s) failed to
create: [NatGatewayA,
MLModelUploadFunction]. Rollback
requested by user.
DELETE_IN_PROGRESS AWS::EC2::SubnetRouteTableAssociati RouteTableAssociationAPrivate -
on
DELETE_IN_PROGRESS AWS::IAM::Role
.
.
.
InternetGateway -
DELETE_COMPLETE AWS::EC2::InternetGateway InternetGateway -
DELETE_COMPLETE AWS::EC2::VPC EfsLambdaVpc -
ROLLBACK_COMPLETE AWS::CloudFormation::Stack sam4-app -
-----------------------------------------------------------------------------------------------------------------------------------------------------
Error: Failed to create/update the stack: sam4-app, Waiter StackCreateComplete failed: Waiter encountered a terminal failure state: For expression "Stacks[].StackStatus" we matched expected path: "ROLLBACK_COMPLETE" at least once
Researching this error, I noticed that it is a problem with the Lambda function. When I access Applications in AWS Lambda, it shows a creation error.
I tried various solutions like directly specifying the s3 bucket, using another version of sam, I tried running the MLInference-Lambda-EFS code, but nothing works.
Does anyone know how I can solve this problem? I have been struggling with this project for a long time.
Please run sam delete --stack-name aws-sam-cli-managed-default to remove the broken managed stack before going through guided deploy or --resolve-s3 again.
I ran the deploy command again sam deploy --s3-bucket test-bucket --guided and it worked when I specified a bucket name. This bucket is ignored by SAM and the stack is created without problem.

How to configure automate_aws_accounts_creation_sso_users_assignment.yaml to run in a region of my choice?

I'm following https://aws.amazon.com/de/blogs/security/how-to-automate-aws-account-creation-with-sso-user-assignment/ to automate sso account creation. It says:
This solution is configured to be deployed in the North Virginia Region (us-east-1). But you can change the CloudFormation template to run in any Region that supports all the services required in the solution.
So I create the stack https://awsiammedia.s3.amazonaws.com/public/sample/952-Automate-AWS-Accounts-Creation-SSO-Users-Assignment/automate_aws_accounts_creation_sso_users_assignment.yaml and change the region in the top panel from us-east-1 to eu-central-1.
The creation of the stack fails with the following event:
Logical ID: CreateAccountAssignmentLambda
Status: Create_FAILED
Status reason: Resource handler returned message: "Error occurred while GetObject. S3 Error Code: PermanentRedirect. S3 Error Message: The bucket is in this region: us-east-1. Please use this region to retry the request (Service: Lambda, Status Code: 400, Request ID: 7fd58877-67b5-46b6-ac60-693f1edff8df, Extended Request ID: null)" (RequestToken: b49cb70f-2820-2c65-76c2-1a0b2776cd94, HandlerErrorCode: InvalidRequest)
I have inspected the template and the locations referenced therein:
https://awsiammedia.s3.amazonaws.com/public/sample/952-Automate-AWS-Accounts-Creation-SSO-Users-Assignment/automate_aws_accounts_creation_sso_users_assignment.yaml
https://awsiammedia.s3.amazonaws.com/public/sample/952-Automate-AWS-Accounts-Creation-SSO-Users-Assignment/batchcreation_lambda.zip
https://awsiammedia.s3.amazonaws.com/public/sample/952-Automate-AWS-Accounts-Creation-SSO-Users-Assignment/account_create_lambda.zip
https://awsiammedia.s3.amazonaws.com/public/sample/952-Automate-AWS-Accounts-Creation-SSO-Users-Assignment/create_account_assignment_lambda.zip
But there is no mention of us-east-1 or Virginia. How can I change the CloudFormation template to run in another region?
It seems as though the problem is the S3Bucket: awsiammedia.
I would copy the assets you need from awsiammedia to a bucket in the new region, and use that bucket name where you find awsiammedia. So, 'configure' is not a good description.
CreateAccountAssignmentLambda:
  Type: AWS::Lambda::Function
  Properties:
    Code:
-->   S3Bucket: awsiammedia
      S3Key: public/sample/952-Automate-AWS-Accounts-Creation-SSO-Users-Assignment/create_account_assignment_lambda.zip
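The rewrite suggested in the answer above, as an added example that is not part of the original answer or the AWS template: it repoints every Code.S3Bucket that names awsiammedia and returns the object keys that must first be copied into the new bucket. The target bucket name in the test, two of the logical IDs and some-other-bucket are placeholders; the template is handled as text because short-form tags such as !Ref break plain YAML loaders.

```python
import re

# Constructed excerpt: CreateAccountAssignmentLambda and the S3 keys are from
# the page; the other two logical IDs and "some-other-bucket" are hypothetical.
TEMPLATE = """\
Resources:
  CreateAccountAssignmentLambda:
    Type: AWS::Lambda::Function
    Properties:
      Code:
        S3Bucket: awsiammedia
        S3Key: public/sample/952-Automate-AWS-Accounts-Creation-SSO-Users-Assignment/create_account_assignment_lambda.zip
  HypotheticalAccountLambda:
    Type: AWS::Lambda::Function
    Properties:
      Code:
        S3Key: public/sample/952-Automate-AWS-Accounts-Creation-SSO-Users-Assignment/account_create_lambda.zip
        S3Bucket: "awsiammedia"
  HypotheticalUnrelatedLambda:
    Type: AWS::Lambda::Function
    Properties:
      Code:
        S3Bucket: some-other-bucket
        S3Key: code.zip
"""

BUCKET_RE = re.compile(r"^(\s*)S3Bucket:\s*(['\"]?)([^'\"\s#]+)\2\s*$")
KEY_RE = re.compile(r"^(\s*)S3Key:\s*(['\"]?)([^'\"\s#]+)\2\s*$")


def relocate_code_bucket(template, source_bucket, target_bucket):
    """Rewrite Code.S3Bucket entries naming source_bucket; return the new
    text and the S3 keys that must first be copied into target_bucket."""
    lines, keys = template.splitlines(), []
    for i, line in enumerate(lines):
        m = BUCKET_RE.match(line)
        if not m or m.group(3) != source_bucket:
            continue
        indent = m.group(1)
        lines[i] = f"{indent}S3Bucket: {target_bucket}"
        # The sibling S3Key sits directly below or above, at the same indent.
        for j in (i + 1, i - 1):
            k = KEY_RE.match(lines[j]) if 0 <= j < len(lines) else None
            if k and k.group(1) == indent:
                keys.append(k.group(3))
                break
    return "\n".join(lines) + "\n", keys
```

Copying the returned keys into a bucket you control in the deployment region also means the Lambda code no longer depends on a third-party bucket at stack-creation time.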

How to launch AWS cloud formation stack with glue?

I'm trying to get this repo going: https://github.com/mydatastack/google-analytics-to-s3.
A link is provided to launch the AWS CloudFormation stack. It's meant to be one click to launch the stack, but it is no longer working because the S3 bucket containing the template is no longer active.
As a result I'm trying to launch the stack myself via sam deploy --guided --capabilities CAPABILITY_AUTO_EXPAND CAPABILITY_IAM since all the resources for the stack are within the repo. I've added this lambda layer for the paramiko package referenced by collector-ga.yaml to fix this error.
Frustratingly, I'm not quite up and running yet: GlueConfigurationLambda, an AWS Lambda function (line 691), failed to create:
Waiting for changeset to be created..
CloudFormation stack changeset
---------------------------------------------------------------------------------------------------------------------
Operation LogicalResourceId ResourceType Replacement
---------------------------------------------------------------------------------------------------------------------
+ Add GoogleAnalyticsCollectorSta AWS::CloudFormation::Stack N/A
ck
---------------------------------------------------------------------------------------------------------------------
Changeset created successfully. arn:aws:cloudformation:eu-central-1:XXXXXX:changeSet/samcli-deploy1628597635/4ee26e-46b5-4131-bdba-1b9fc34f99d6
Previewing CloudFormation changeset before deployment
======================================================
Deploy this changeset? [y/N]: y
2021-08-10 13:14:04 - Waiting for stack create/update to complete
CloudFormation events from changeset
---------------------------------------------------------------------------------------------------------------------------------------------------------
ResourceStatus ResourceType LogicalResourceId ResourceStatusReason
---------------------------------------------------------------------------------------------------------------------------------------------------------
CREATE_IN_PROGRESS AWS::CloudFormation::Stack GoogleAnalyticsCollectorStack -
CREATE_IN_PROGRESS AWS::CloudFormation::Stack GoogleAnalyticsCollectorStack Resource creation Initiated
CREATE_FAILED AWS::CloudFormation::Stack GoogleAnalyticsCollectorStack Embedded stack
arn:aws:cloudformation:eu-central-1:
XXXXXX:stack/GAN2S3-GoogleAnal
yticsCollectorStack-JUATDT3EBD82/e19
a4950-ff27-11ea-943e-06072e1f2808
was not successfully created: The
following resource(s) failed to
create: [GlueConfigurationLambda].
Full Trace - https://pastebin.pl/view/50b3e402
My first question is if there's anywhere to get a more in-depth log of the error?
My second question is if anyone knows how to fix this error.
Can you have a look at the AWS Console CloudFormation application? You should be able to opt to view the Deleted stacks, after which you should be able to select the substack that has failed. In the events list of that deleted stack, you should be able to view a more precise error of what went wrong.
If it's still unclear from that precise error, feel free to edit the question to add the specific error and add a comment to this answer to draw my attention to it.
(Edit)
I've looked through the template file again and noticed the Lambda that's failing is still configured to use Node.js 8, which has been deprecated for some time. You should change it to a newer version, e.g., Node.js 14.
Find the currently supported runtimes here: Lambda runtimes

Aws Blockchain Template Error on stack creation

I'm trying to create a stack to deploy a Fabric blockchain network on EC2, but I always get the same error
The following resource(s) failed to create: [FabricEC2CommonStack]. .
Rollback requested by user. CREATE_FAILED AWS::CloudFormation::Stack
FabricEC2CommonStack Embedded stack
arn:aws:cloudformation:us-east-1:>:stack/FabricStack-FabricEC2CommonStack-NNFUD6RJCZB1/<>
was not successfully created: The following resource(s) failed to
create: [EC2InstanceForDev].
I thought it was a problem with my EC2 Instance profile, but it seems correct. It has the policies to use ECR+S3. Thanks

AWS CLI environment create error CREATE_FAILED, reason: resources failed to create

I used to deploy a Java web application to Elastic Beanstalk (EC2) as the root user without this problem. Now I'm using the recommended way of deploying as an IAM service user and I get the following errors. I suspect it's because of a lack of permissions (policies), but I don't know which policies I should assign to the IAM user.
QUESTION: Could you help me in finding the right policies?
commands:
eb init --profile eb_admin
eb create --single
output of the 2nd command:
Printing Status:
2019-05-26 12:08:58 INFO createEnvironment is starting.
2019-05-26 12:08:59 INFO Using elasticbeanstalk-eu-central-1-726173845157 as Amazon S3 storage bucket for environment data.
2019-05-26 12:09:26 INFO Created security group named: awseb-e-ire9qdzahd-stack-AWSEBSecurityGroup-L5VUAQLDAA9F
2019-05-26 12:09:42 ERROR Stack named 'awseb-e-ire9qdzahd-stack' aborted operation. Current state: 'CREATE_FAILED' Reason: The following resource(s) failed to create: [MountTargetSecurityGroup, AWSEBEIP, sslSecurityGroupIngress, FileSystem].
2019-05-26 12:09:42 ERROR Creating security group failed Reason: The vpc ID 'vpc-7166611a' does not exist (Service: AmazonEC2; Status Code: 400; Error Code: InvalidVpcID.NotFound; Request ID: c1d0ce4d-830d-4b0c-9f84-85d8da4f7243)
2019-05-26 12:09:42 ERROR Creating EIP: 54.93.84.166 failed. Reason: Resource creation cancelled
2019-05-26 12:09:42 ERROR Creating security group ingress named: sslSecurityGroupIngress failed Reason: Resource creation cancelled
2019-05-26 12:09:44 INFO Launched environment: stack-overflow-dev. However, there were issues during launch. See event log for details.
Important!
I use a few .ebextensions scripts in order to initialize the environment:
nginx
https-instance-securitygroup
storage-efs-createfilesystem
storage-efs-mountfilesystem
After reviewing the logs, I also noticed that I forgot to create the VPC, which is required for the EFS filesystem. Could it be that 1 failed script (storage-efs-createfilesystem) is the root cause of subsequent failing operations?
Yes, the lack of a VPC has caused the other resources to fail to create. Elastic Beanstalk and the storage-efs-createfilesystem extension use CloudFormation underneath.
The storage-efs-createfilesystem Cfn template creates the MountTargetSecurityGroup SG, and that failed due to the lack of a VPC. The AWSEBEIP, sslSecurityGroupIngress and FileSystem resource creation is then cancelled.
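The distinction drawn in this answer, as an added example that is not part of the original thread: a small triage function that separates the event carrying the real failure reason from the "Resource creation cancelled" events that only follow from it. The event lines are copied from the eb create output in the question; the parsing rules are assumptions based on that output format.

```python
import re

# Event lines copied from the eb create output in the question above.
EVENTS = """\
2019-05-26 12:09:26 INFO Created security group named: awseb-e-ire9qdzahd-stack-AWSEBSecurityGroup-L5VUAQLDAA9F
2019-05-26 12:09:42 ERROR Stack named 'awseb-e-ire9qdzahd-stack' aborted operation. Current state: 'CREATE_FAILED' Reason: The following resource(s) failed to create: [MountTargetSecurityGroup, AWSEBEIP, sslSecurityGroupIngress, FileSystem].
2019-05-26 12:09:42 ERROR Creating security group failed Reason: The vpc ID 'vpc-7166611a' does not exist (Service: AmazonEC2; Status Code: 400; Error Code: InvalidVpcID.NotFound; Request ID: c1d0ce4d-830d-4b0c-9f84-85d8da4f7243)
2019-05-26 12:09:42 ERROR Creating EIP: 54.93.84.166 failed. Reason: Resource creation cancelled
2019-05-26 12:09:42 ERROR Creating security group ingress named: sslSecurityGroupIngress failed Reason: Resource creation cancelled
"""

LINE_RE = re.compile(r"^(\S+ \S+) (INFO|WARN|ERROR) (.*)$")
REASON_RE = re.compile(r"Reason: (.*)$")
ERROR_CODE_RE = re.compile(r"Error Code: ([\w.]+)")
FAILED_LIST_RE = re.compile(r"failed to create: \[([^\]]*)\]")


def triage(log_text):
    """Split ERROR events into root causes, cascaded cancellations and the
    stack-level summary of failed resources."""
    result = {"root_causes": [], "cancelled": [], "failed_resources": []}
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or m.group(2) != "ERROR":
            continue
        message = m.group(3)
        reason = REASON_RE.search(message)
        reason_text = reason.group(1) if reason else message
        failed = FAILED_LIST_RE.search(reason_text)
        if failed:
            # Stack-level summary: lists every failed resource, cause or not.
            result["failed_resources"] = [r.strip() for r in failed.group(1).split(",")]
        elif reason_text.startswith("Resource creation cancelled"):
            # Cancelled because another resource failed first.
            result["cancelled"].append(message)
        else:
            code = ERROR_CODE_RE.search(reason_text)
            result["root_causes"].append((code.group(1) if code else None, reason_text))
    return result
```

On the events above this leaves a single root cause, the InvalidVpcID.NotFound error, with the two cancellations set aside as consequences.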