CloudFormation Stack failing to deploy due to CREATE_FAILED for AWS::SSM::Parameter

I am trying to stand up a CloudFormation Stack which creates an AWS Systems Manager Parameter with the value of an old AWS-provided Windows 2019 AMI ID.

The CloudFormation stack failed to create with the following error:

Resource handler returned message: "Resource of type 'AWS::SSM::Parameter' with identifier '/com-workshop/windows-2019-old-ami' was not found." (RequestToken: 5c5d62c5-dba0-ac41-1cdd-88e6faff1b65, HandlerErrorCode: NotFound)

The old AMI ID is retrieved using a custom CloudFormation resource and Lambda function. The CloudWatch Logs for the Lambda function indicate that it ran successfully and passed the old AMI ID back to CloudFormation:

{
    "Status": "SUCCESS",
    "Reason": "See the details in CloudWatch Log Stream: 2023/09/11/[$LATEST]99e435473a1b4404b534dd3b400b9b40",
    "PhysicalResourceId": "2023/09/11/[$LATEST]99e435473a1b4404b534dd3b400b9b40",
    "StackId": "arn:aws:cloudformation:us-east-1:012345678912:stack/com-workshop-resources/ec8bd600-507f-11ee-842a-126b77e04a61",
    "RequestId": "6e343deb-055c-4513-87cf-1bfb175ba049",
    "LogicalResourceId": "GetOldAMILambdaInvoke",
    "NoEcho": false,
    "Data": {
        "AmiId": "ami-0ab05a04b66a879af"
    }
}

This is further perplexing as the SSM Parameter exists within the account:

[cloudshell-user@ip-10-4-85-209 ~]$ aws ssm get-parameter --name /com-workshop/windows-2019-old-ami
{
    "Parameter": {
        "Name": "/com-workshop/windows-2019-old-ami",
        "Type": "String",
        "Value": "ami-0ab05a04b66a879af",
        "Version": 1,
        "LastModifiedDate": "2023-09-11T08:49:18.051000+00:00",
        "ARN": "arn:aws:ssm:us-east-1:012345678912:parameter/com-workshop/windows-2019-old-ami",
        "DataType": "aws:ec2:image"
    }
}

There are no other errors in the CloudFormation Events tab. Any ideas on how to troubleshoot this stack provisioning failure further? Thanks!

Snippets of the CFN template:

  GetOldAMILambdaFunction:
    Type: AWS::Lambda::Function
    Properties:
      FunctionName: getOldWindowsAMI
      Role: !GetAtt GetOldAMILambdaFunctionRole.Arn
      Handler: index.lambda_handler
      Runtime: python3.9
      Timeout: 15
      Tags:
        - Key: Workload
          Value: com-workshop
      Code:
        ZipFile: |
          .... <code removed> ....
  GetOldAMILambdaInvoke:
    Type: AWS::CloudFormation::CustomResource
    Version: "1.0"
    Properties:
      ServiceToken: !GetAtt GetOldAMILambdaFunction.Arn

  OldWindowsAmiIdParameter:
    Type: AWS::SSM::Parameter
    Properties: 
      DataType: aws:ec2:image
      Description: 'Old Windows 2019 AMI ID for com workshop compliance graph'
      Name: '/com-workshop/windows-2019-old-ami'
      Type: String
      Value: !GetAtt GetOldAMILambdaInvoke.AmiId

There are 0 best solutions below