Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Can not create Pipeline. KMS Alias creation fails

See original GitHub issue

❓ General Issue

The Question

I am trying to create a Pipeline, by reusing code I used in the past and was working. The stack creation fails with error

13/16 | 12:03:25 | CREATE_FAILED        | AWS::CodePipeline::Pipeline | ECSDemoFlaskSignupPipeline (ECSDemoFlaskSignupPipelineB0339F3C) Internal Failure

14/16 | 12:03:26 | CREATE_FAILED        | AWS::KMS::Alias             | ECSDemoFlaskSignupPipeline/ArtifactsBucketEncryptionKeyAlias (ECSDemoFlaskSignupPipelineArtifactsBucketEncryptionKeyAlias34AB1D1E) Resource creation cancelled

The KMS Alias does not exist already, so I don’t think this is related to https://github.com/aws/aws-cdk/issues/4374. I tried the workaround proposed there but it still fails. The error message is a bit different although

 13/15 | 12:18:00 | CREATE_FAILED        | AWS::CodePipeline::Pipeline | ECSDemoFlaskSignupPipeline (ECSDemoFlaskSignupPipelineB0339F3C) Internal Failure

The code I am using is here : https://github.com/sebsto/signup-flask-nginx-docker/blob/master/ecs/cdk-ecs-pipeline/lib/cdk-ecs-pipeline-stack.ts

Environment

  • CDK CLI Version: 
$ cdk --version
1.15.0 (build bdbe3aa)
  • Module Version: 
    "@aws-cdk/aws-codepipeline": "^1.15.0",
    "@aws-cdk/aws-codepipeline-actions": "^1.15.0",

  • OS: Mac OS Mojave

  • Language: Typescript

Other information

 12/16 | 12:03:25 | CREATE_IN_PROGRESS   | AWS::CodePipeline::Pipeline | ECSDemoFlaskSignupPipeline (ECSDemoFlaskSignupPipelineB0339F3C) 
 13/16 | 12:03:25 | CREATE_FAILED        | AWS::CodePipeline::Pipeline | ECSDemoFlaskSignupPipeline (ECSDemoFlaskSignupPipelineB0339F3C) Internal Failure
        new Pipeline (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/node_modules/@aws-cdk/aws-codepipeline/lib/pipeline.ts:251:26)
        \_ new CdkEcsPipelineStack (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/lib/cdk-ecs-pipeline-stack.ts:96:26)
        \_ Object.<anonymous> (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/bin/cdk-ecs-pipeline.ts:7:1)
        \_ Module._compile (internal/modules/cjs/loader.js:956:30)
        \_ Module.m._compile (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/node_modules/ts-node/src/index.ts:493:23)
        \_ Module._extensions..js (internal/modules/cjs/loader.js:973:10)
        \_ Object.require.extensions.<computed> [as .ts] (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/node_modules/ts-node/src/index.ts:496:12)
        \_ Module.load (internal/modules/cjs/loader.js:812:32)
        \_ Function.Module._load (internal/modules/cjs/loader.js:724:14)
        \_ Function.Module.runMain (internal/modules/cjs/loader.js:1025:10)
        \_ Object.<anonymous> (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/node_modules/ts-node/src/bin.ts:158:12)
        \_ Module._compile (internal/modules/cjs/loader.js:956:30)
        \_ Object.Module._extensions..js (internal/modules/cjs/loader.js:973:10)
        \_ Module.load (internal/modules/cjs/loader.js:812:32)
        \_ Function.Module._load (internal/modules/cjs/loader.js:724:14)
        \_ Function.Module.runMain (internal/modules/cjs/loader.js:1025:10)
        \_ /usr/local/lib/node_modules/npm/node_modules/libnpx/index.js:268:14
 14/16 | 12:03:26 | CREATE_FAILED        | AWS::KMS::Alias             | ECSDemoFlaskSignupPipeline/ArtifactsBucketEncryptionKeyAlias (ECSDemoFlaskSignupPipelineArtifactsBucketEncryptionKeyAlias34AB1D1E) Resource creation cancelled
        new Alias (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/node_modules/@aws-cdk/aws-kms/lib/alias.ts:153:22)
        \_ new Pipeline (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/node_modules/@aws-cdk/aws-codepipeline/lib/pipeline.ts:238:7)
        \_ new CdkEcsPipelineStack (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/lib/cdk-ecs-pipeline-stack.ts:96:26)
        \_ Object.<anonymous> (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/bin/cdk-ecs-pipeline.ts:7:1)
        \_ Module._compile (internal/modules/cjs/loader.js:956:30)
        \_ Module.m._compile (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/node_modules/ts-node/src/index.ts:493:23)
        \_ Module._extensions..js (internal/modules/cjs/loader.js:973:10)
        \_ Object.require.extensions.<computed> [as .ts] (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/node_modules/ts-node/src/index.ts:496:12)
        \_ Module.load (internal/modules/cjs/loader.js:812:32)
        \_ Function.Module._load (internal/modules/cjs/loader.js:724:14)
        \_ Function.Module.runMain (internal/modules/cjs/loader.js:1025:10)
        \_ Object.<anonymous> (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/node_modules/ts-node/src/bin.ts:158:12)
        \_ Module._compile (internal/modules/cjs/loader.js:956:30)
        \_ Object.Module._extensions..js (internal/modules/cjs/loader.js:973:10)
        \_ Module.load (internal/modules/cjs/loader.js:812:32)
        \_ Function.Module._load (internal/modules/cjs/loader.js:724:14)
        \_ Function.Module.runMain (internal/modules/cjs/loader.js:1025:10)
        \_ /usr/local/lib/node_modules/npm/node_modules/libnpx/index.js:268:14

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Reactions:1
  • Comments:17 (12 by maintainers)

github_iconTop GitHub Comments

7reactions
tleefcommented, Nov 8, 2019

+1

I’m getting the same error in us-east-1

$ cdk --version
1.15.0 (build bdbe3aa)

"@aws-cdk/aws-codepipeline": "^1.15.0",
"@aws-cdk/aws-codepipeline-actions": "^1.15.0",

@sebsto Where you able to resolve this?

Update: I fixed my issue. It ended up being that I forgot to add CodePipeline as an OAuth app on github. Once I did that and added the OAuth token to my SecretsManager, everything worked like a charm.

5reactions
jkdilunikacommented, Feb 24, 2020

If still someone coming here facing the same problem, following is a another scenario that you see this useless error message.

  • Make sure that your GITHUB_TOKEN is created and configured with the pipeline source action.
Read more comments on GitHub >

github_iconTop Results From Across the Web

AWS::KMS::Alias - AWS CloudFormation
The AWS::KMS::Alias resource specifies a display name for a KMS key. You can use an alias to identify a KMS key in the...
Read more >
Access denied when uploading to KMS-encrypted Amazon ...
This error message indicates that your IAM user or role needs permission for the kms:GenerateDataKey action. Follow these steps to add permission for...
Read more >
aws-cdk/aws-codepipeline
Cross-account Pipeline actions require that the Pipeline has not been created with crossAccountKeys: false . Most pipeline Actions accept an AWS ...
Read more >
AWS::KMS::Alias - Amazon CloudFormation
If you change the value of the AliasName property, the existing alias is deleted and a new alias is created for the specified...
Read more >
KMS — Boto3 Docs 1.26.36 documentation - Amazon AWS
This operation does not return a response. To get the alias that you created, use the ListAliases operation. The KMS key that you...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Can't configure an RDS without Private subnets in a VPC

Next page

aws-stepfunctions-tasks: Confusion between RunLambdaTask and InvokeFunction