Fails to delete security group
When a security group is created and applied for mounting targets to EFS, it gets deployed fine but deletion fails.
Reproduction Steps
- Create EFS
- Create security group for mount targets
- Create mount targets
- Deploy
- Destroy
Code to reproduce (update account and cidr)
```python
import os
import logging

from aws_cdk import (
    core,
    aws_ec2 as ec2,
    aws_efs as efs
)

AWS_REGION = "us-west-2"
AWS_ACCOUNT = "<account>"


class MyStack(core.Stack):
    def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
        super().__init__(scope, id, **kwargs)

        vpc = ec2.Vpc(
            self, "my-vpc",
            cidr="<cidr>",
            max_azs=2,
            nat_gateways=1
        )

        efs_mt_sg = ec2.SecurityGroup(
            self, "efs_mt_sg",
            vpc=vpc,
            allow_all_outbound=True
        )

        efs_fs = efs.EfsFileSystem(self, "efs",
                                   vpc=vpc,
                                   security_group=efs_mt_sg)

        efs.CfnMountTarget(self, "mount_target1",
                           file_system_id=efs_fs.file_system_id,
                           security_groups=[efs_mt_sg.security_group_id],
                           subnet_id=vpc.private_subnets[0].subnet_id)

        efs.CfnMountTarget(self, "mount_target2",
                           file_system_id=efs_fs.file_system_id,
                           security_groups=[efs_mt_sg.security_group_id],
                           subnet_id=vpc.private_subnets[1].subnet_id)

        self.output_props = dict()

    # pass objects to another stack
    @property
    def outputs(self):
        return self.output_props


app = core.App()
stack = MyStack(
    app,
    "my-stack",
    description="Creates the Stack",
    env=core.Environment(region=AWS_REGION, account=AWS_ACCOUNT)
)
app.synth()
```
Error Log
resource sg-09c4efe115ae38094 has a dependent object (Service: AmazonEC2; Status Code: 400; Error Code: DependencyViolation; Request ID: 05e5f8c0-cab2-4acf-a68b-bed7ba34ddb7)
Environment
- CLI Version: 1.31.0
- Framework Version: <What is this? not sure>
- OS: Mac OS Catalina
- Language: Python3
Other
This could be related but happens in a different scenario: https://github.com/aws/aws-cdk/issues/6701
This is 🐛 Bug Report
Issue Analytics
- State:
- Created 3 years ago
- Reactions:4
- Comments:5 (3 by maintainers)
Top GitHub Comments
I am seeing the same problem … the cdk destroy fails to delete the ENI attached to EFS.
Appreciate any help to clear this.
This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled.
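One way to see which dependent objects are behind the DependencyViolation reported above, as an added example that is not code from the issue or from the CDK project: it filters an EC2 DescribeNetworkInterfaces response for ENIs that still reference the security group and tags the ones owned by an EFS mount target. The function names `sg_blockers` and `fetch_enis`, all IDs in the sample, and the ENI description format `EFS mount target for fs-... (fsmt-...)` are assumptions.

```python
import re

# Assumption: EFS-managed ENIs carry a description of this form.
EFS_DESC = re.compile(r"EFS mount target for (fs-[0-9a-f]+) \((fsmt-[0-9a-f]+)\)")

# Constructed sample shaped like an EC2 DescribeNetworkInterfaces response.
# Every ID is a placeholder, not a value from the issue.
SAMPLE = {"NetworkInterfaces": [
    {"NetworkInterfaceId": "eni-0a1", "Status": "in-use",
     "Description": "EFS mount target for fs-0123abcd (fsmt-4567cdef)",
     "Groups": [{"GroupId": "sg-0123456789abcdef0"}]},
    {"NetworkInterfaceId": "eni-0b2", "Status": "in-use", "Description": "",
     "Groups": [{"GroupId": "sg-0fedcba9876543210"}]},
    {"NetworkInterfaceId": "eni-0c3", "Status": "available", "Description": "",
     "Groups": [{"GroupId": "sg-0123456789abcdef0"}]},
]}


def sg_blockers(response, sg_id):
    """Return the ENIs in `response` that still reference `sg_id`."""
    blockers = []
    for eni in response.get("NetworkInterfaces", []):
        group_ids = {g["GroupId"] for g in eni.get("Groups", [])}
        if sg_id not in group_ids:
            continue
        match = EFS_DESC.search(eni.get("Description", ""))
        blockers.append({
            "eni": eni["NetworkInterfaceId"],
            "status": eni.get("Status"),
            # Set only when the ENI belongs to an EFS mount target.
            "file_system": match.group(1) if match else None,
            "mount_target": match.group(2) if match else None,
        })
    return blockers


def fetch_enis(sg_id, region):
    """Live variant: needs boto3 and credentials; not used by the sample run."""
    import boto3
    ec2 = boto3.client("ec2", region_name=region)
    pages = ec2.get_paginator("describe_network_interfaces").paginate(
        Filters=[{"Name": "group-id", "Values": [sg_id]}])
    return {"NetworkInterfaces": [e for p in pages for e in p["NetworkInterfaces"]]}


if __name__ == "__main__":
    for blocker in sg_blockers(SAMPLE, "sg-0123456789abcdef0"):
        print(blocker)
```

An empty result means no network interface holds the group, so the remaining dependency would have to be something else, such as a rule in another security group.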