Trying to create a simple LAMP stack on AWS using the AWS CloudFormation Sample Template LAMP_Single_Instance.
On creating the stack, I get the following event - "Internal Failure. Rollback requested by user."
No clues provided on why this failed.
You can inspect the CloudFormation events tab on the management console (or with describe-stack-events on the CLI) and check what went wrong. In this single instance stack, CloudFormation was probably unable to create the instance; check the parameter values. For example, the key pair name should not have the ".pem" extension of the file, if that was supplied.
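A way to pull the first real failure out of describe-stack-events output and to flag a key pair parameter that carries a file extension, as an added example that is not part of the original answer. The event list, the stack name, the ExtraVolume resource and the status reasons are constructed sample data.

```python
import json

# Constructed sample in the shape of `aws cloudformation describe-stack-events`
# output (newest first). ExtraVolume is a made-up sibling resource.
SAMPLE = json.loads("""{"StackEvents": [
 {"Timestamp": "2024-01-01T10:00:09Z", "LogicalResourceId": "lamp-demo",
  "ResourceType": "AWS::CloudFormation::Stack", "ResourceStatus": "ROLLBACK_IN_PROGRESS",
  "ResourceStatusReason": "The following resource(s) failed to create: [WebServerInstance, ExtraVolume]. Rollback requested by user."},
 {"Timestamp": "2024-01-01T10:00:08Z", "LogicalResourceId": "ExtraVolume",
  "ResourceType": "AWS::EC2::Volume", "ResourceStatus": "CREATE_FAILED",
  "ResourceStatusReason": "Resource creation cancelled"},
 {"Timestamp": "2024-01-01T10:00:07Z", "LogicalResourceId": "WebServerInstance",
  "ResourceType": "AWS::EC2::Instance", "ResourceStatus": "CREATE_FAILED",
  "ResourceStatusReason": "The key pair 'mykey.pem' does not exist"},
 {"Timestamp": "2024-01-01T10:00:05Z", "LogicalResourceId": "WebServerSecurityGroup",
  "ResourceType": "AWS::EC2::SecurityGroup", "ResourceStatus": "CREATE_COMPLETE"}
]}""")

CANCELLED = "Resource creation cancelled"  # siblings stopped after the first failure

def root_causes(events):
    """Return (resource, type, reason) for genuine failures, oldest first."""
    failed = [e for e in events
              if e["ResourceStatus"].endswith("_FAILED")
              and CANCELLED not in e.get("ResourceStatusReason", "")]
    # ISO 8601 UTC timestamps in one format sort chronologically as strings
    failed.sort(key=lambda e: e["Timestamp"])
    return [(e["LogicalResourceId"], e["ResourceType"],
             e.get("ResourceStatusReason", "")) for e in failed]

def suspicious_key_names(parameters):
    """Flag key pair parameters that look like a file name, not a key pair name."""
    return [p["ParameterKey"] for p in parameters
            if "key" in p["ParameterKey"].lower()
            and p.get("ParameterValue", "").endswith(".pem")]

if __name__ == "__main__":
    for cause in root_causes(SAMPLE["StackEvents"]):
        print(cause)
```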
Is there any way to rollback all the changes made by an AWS Lambda by using the SDK? E.g. the lambda created and launched by a CloudFormation template creates a bucket via the AWS SDK. In case something fails it would be great to have a 'stack rollback' for the same stack that deployed the lambda as well (and all the resources created by the lambda reverted as well).
Or alternatively: how can I 'remember' from my lambda which resources were created so that I can rollback them and delete them when the lambda is called afterwards with a 'Delete' event?
I'm assuming you mean custom resources, as that's the only way you can run scripts in CloudFormation.
Custom resources have a property called PhysicalResourceId. You can use it after your create event to provide info about the resource you've created. When updating or deleting the resource, the id is provided to the lambda event so you can use it. A guide can also be found here: https://advancedweb.hu/how-to-use-the-physicalresourceid-for-cloudformation-custom-resources/
If for some reason it's not possible to use the resource ID I'd use tagging. When creating, tag your resources and when deleting, fetch the resources based on their tag and delete them.
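A handler that returns the bucket name as PhysicalResourceId on Create and reads it back on Delete, as an added example that is not part of the original answer. The `cr-demo-` prefix, the `not-created` placeholder and the `FakeS3` stand-in are assumptions made for the illustration; `create_bucket` and `delete_bucket` are the boto3 S3 client calls.

```python
import json
import urllib.request

PREFIX = "cr-demo-"  # hypothetical prefix marking buckets this handler created

def handle(event, s3):
    """Build the response body for one custom resource request."""
    body = {
        "Status": "SUCCESS",
        "StackId": event["StackId"],
        "RequestId": event["RequestId"],
        "LogicalResourceId": event["LogicalResourceId"],
        # Update and Delete events carry the id that Create returned
        "PhysicalResourceId": event.get("PhysicalResourceId", "not-created"),
    }
    try:
        if event["RequestType"] == "Create":
            name = PREFIX + event["RequestId"].lower()
            s3.create_bucket(Bucket=name)
            body["PhysicalResourceId"] = name  # CloudFormation stores this
        elif event["RequestType"] == "Delete":
            name = body["PhysicalResourceId"]
            if name.startswith(PREFIX):  # ignore ids from a Create that failed
                s3.delete_bucket(Bucket=name)  # bucket must already be empty
    except Exception as exc:  # report failure instead of letting the stack hang
        body["Status"], body["Reason"] = "FAILED", str(exc)
    return body

def send(event, body):
    """PUT the JSON body to the pre-signed ResponseURL from the event."""
    req = urllib.request.Request(event["ResponseURL"], method="PUT",
                                 data=json.dumps(body).encode(),
                                 headers={"Content-Type": ""})
    urllib.request.urlopen(req)

def lambda_handler(event, context):
    import boto3  # imported here so handle() can be tested without AWS
    send(event, handle(event, boto3.client("s3")))

class FakeS3:  # constructed stand-in for the boto3 S3 client, for offline runs
    def __init__(self, fail=False):
        self.buckets, self.fail = set(), fail
    def create_bucket(self, Bucket):
        if self.fail:
            raise RuntimeError("AccessDenied (constructed)")
        self.buckets.add(Bucket)
    def delete_bucket(self, Bucket):
        self.buckets.remove(Bucket)
```

The prefix check on Delete means the handler only removes buckets it named itself, whatever id arrives in the event.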
I am currently in charge of adding CloudWatch integration to an already made Cloud Formation stack.
We create the stacks through CLI, but at the moment we add CloudWatch manually afterwards.
What I need is to automatically activate CloudWatch for instances and monitor CPU, hdd and so on through the use of CloudFormation templates.
Thanks in advance!
My suggestion is that you don't add new CloudWatch items to the existing CloudFormation stack. Instead, create a CF template with the appropriate metrics and deploy from this template for each instance you want to monitor.
From there, I suggest you create an AWS Lambda function that will receive an Instance Id as input and will deploy a CloudFormation stack against the instance. You should enable CloudTrail on your account and create a Rule to match any RunInstances event on the account and trigger the Lambda function.
Keep in mind the default limit for CloudFormation stacks is 200. You might need to request an increase depending on your use case.
I am trying to set up an environment on AWS by launching a stack via AWS Cloud Formation template. The stack would be created and then be scheduled for deletion automatically based on the TTL parameter in the template. There seems to be a problem only when the instance is getting launched; it errors out with "Failed to receive 1 resource signal(s) within the specified duration".
If anyone could point out what I am doing wrong in the template, it would be great.
Here is the link for the template in YAML: https://s3.ca-central-1.amazonaws.com/rkbucket028/aws-openshit-cf-template_new.yml
I have already followed this article but there seems to be something wrong with it as well:
https://aws.amazon.com/blogs/devops/scheduling-automatic-deletion-of-application-environments/#
CloudFormation rolls back if any of the resources have failed to be created (i.e. didn't respond in the predetermined duration). If you believe that it is only the process that is taking longer and not a genuine failure, you can either incorporate the wait condition, or better, use the resource creation policy time and count.
Source:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-attribute-creationpolicy.html
PS: Your template URL is not accessible. Check your bucket and file permissions on the S3 bucket and share the public URL.
I am trying to get more familiar with the costs around using AWS. I am trying to use aws cloudformation estimate-template-cost with one of the AWS quickstart templates.
Here is my command, which returns a URL:
$: aws --region="us-west-2" cloudformation estimate-template-cost --template-url="https://s3.amazonaws.com/quickstart-reference/hashicorp/vault/latest/templates/quickstart-hashicorp-vault-master.template" --parameters='[{"ParameterKey":"KeyPairName","ParameterValue":"","UsePreviousValue":false},{"ParameterKey":"AccessCIDR","ParameterValue":"0.0.0.0/0","UsePreviousValue":false},{"ParameterKey":"EmailAddress","ParameterValue": "","UsePreviousValue": false},{"ParameterKey":"AvailabilityZones", "ParameterValue":"us-west-2a,us-west-2b,us-west-2c","UsePreviousValue":false}]'
{
"Url": "http://calculator.s3.amazonaws.com/calc5.html?key=cloudformation/500b0d9e-22fd-400a-bfa3-7ad34dfeb592"
}
The URL returned just brings me to the cost calculator website without any information filled out, just blank forms.
I noticed also that when I tried to launch this template manually in the AWS Console, there is no link available:
The parameters I filled out in the Console match the ones in the command. Is there something wrong with the parameters/options as I've filled them out? Or, is there something concerning the AWS account I should look for that won't let me perform this action?
Ah, it appears I simply chose the wrong template to test against, as this template only spins up VPC resources, which do not cost anything.
Is it possible to send an SNS notification after the CFT completion in AWS? Is there any way to get the progress of the launching CFT in AWS?
When creating resources using a CF template, there is an Advanced section of the Options menu. From there you can set Notification options using SNS and Topics.
When you start the CF process you can also view the status and importantly where the template might have failed.
You cannot specify notification ARNs via a CloudFormation template itself. You can specify them if you use the console to create the stack. But you cannot use the console to update the ARNs once the stack has been created. You can, however, use aws-cli to update the stack with notification ARNs once it has been created, e.g.:
aws cloudformation update-stack --stack-name stack-name --use-previous-template --notification-arns "arn:aws:sns:us-east-1:${ACCOUNT_ID}:${TOPIC_NAME}"
Replace the variable ${VARIABLE} with the literal values from your account.
There's also a Knowledge Center article from AWS where you can replace the ROLLBACK_IN_PROGRESS statement with any other state of CloudFormation to get an SNS notification.
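A Lambda function subscribed to the stack's notification topic can do that state filtering; the sketch below is an added example, not code from the answers above or from the AWS article. It relies on the Key='value' line format of CloudFormation stack notifications, and the sample event, stack name and reasons are constructed.

```python
import re

FIELD = re.compile(r"^(\w+)='(.*)'$", re.MULTILINE)

def parse_notification(message):
    """CloudFormation stack notifications are Key='value' lines; return a dict."""
    return dict(FIELD.findall(message))

def stack_alerts(sns_event, watch=("ROLLBACK_IN_PROGRESS",)):
    """Return one line per stack-level event whose status is in `watch`."""
    alerts = []
    for record in sns_event["Records"]:
        f = parse_notification(record["Sns"]["Message"])
        # Per-resource events arrive on the same topic; keep stack-level ones
        if (f.get("ResourceType") == "AWS::CloudFormation::Stack"
                and f.get("ResourceStatus") in watch):
            alerts.append(f"{f['StackName']} {f['ResourceStatus']}: "
                          f"{f.get('ResourceStatusReason', '')}")
    return alerts

def _msg(**fields):  # builds a constructed notification body
    return "".join(f"{k}='{v}'\n" for k, v in fields.items())

# Constructed SNS-to-Lambda event with one resource event and one stack event
SAMPLE_EVENT = {"Records": [
    {"Sns": {"Message": _msg(StackName="lamp-demo",
                             LogicalResourceId="WebServerInstance",
                             ResourceType="AWS::EC2::Instance",
                             ResourceStatus="CREATE_FAILED",
                             ResourceStatusReason="constructed reason")}},
    {"Sns": {"Message": _msg(StackName="lamp-demo",
                             LogicalResourceId="lamp-demo",
                             ResourceType="AWS::CloudFormation::Stack",
                             ResourceStatus="ROLLBACK_IN_PROGRESS",
                             ResourceStatusReason="constructed reason")}},
]}

def lambda_handler(event, context):
    for line in stack_alerts(event):
        print(line)  # lands in CloudWatch Logs; forward elsewhere as needed
```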
You can trick CloudFormation into sending SNS messages from inside the template:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/template-custom-resources.html
Custom resources enable you to write custom provisioning logic in
templates that AWS CloudFormation runs anytime you create, update (if
you changed the custom resource), or delete stacks. For example, you
might want to include resources that aren't available as AWS
CloudFormation resource types. You can include those resources by
using custom resources. That way you can still manage all your related
resources in a single stack.
Use the AWS::CloudFormation::CustomResource or Custom::String resource
type to define custom resources in your templates. Custom resources
require one property: the service token, which specifies where AWS
CloudFormation sends requests to, such as an Amazon SNS topic.