Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
SecurityGroup connections between stacks lead to cyclic references
See original GitHub issueI’ve notice two cases where I can get a cyclic reference exception when referencing one stack twice within another:
- In the example below the
props.databaseClusteris coming from adatastack - and I can use either reference on the first or last line to it, but not both.
// app stack
const DATABASE_URL = `postgresql://${props.databaseCluster.clusterEndpoint.hostname}`
const container = taskDefinition.addContainer('app', {
image: ecs.ContainerImage.fromEcrRepository(props.ecr, props.branch),
environment: { DATABASE_URL }
})
// create a SG for Fargate service
const secGroup = new ec2.SecurityGroup(this, 'DataAccessSecGrp', {
vpc: props.vpc,
allowAllOutbound: true
})
// let ECS see RDS
props.databaseCluster.connections.allowDefaultPortFrom(secGroup, 'allow PG')
- I’ve also noticed that I get the same exception if I export two different things from the
datastack and try to reference them in theappstack - for example I defined the security group in thedatastack and export and try to use it inappstack (along with thedatabaseClusterexport).
The error is something like:
Error: Stack ‘data’ already depends on stack ‘app’. Adding this dependency would create a cyclic reference.
Issue Analytics
- State:
- Created 5 years ago
- Comments:13 (11 by maintainers)
Top Results From Across the Web
Handling circular dependency errors in AWS CloudFormation
A common error that you may get when working with AWS CloudFormation is the circular dependency error: error message.
Read more >How to add a security group to an existing RDS with CDK ...
If I try to call the following command from the deploy stack, I get a cyclic dependency error: props.rdsSG.connections.allowFrom(ecsSG, ec2.Port ...
Read more >Resolving Circular Dependency between multiple AWS ...
The core.yaml contains security group for the webserver (WebServerSecurityGroup) and ElasticBanstalk. Also, it is importing the resources from the resources.
Read more >Weird circular dependency issue when updating a CDK ec2 ...
I am using CDK pipelines here to deploy a very simple stack. The stack consists of 2 sub-stacks: an Aurora cluster and an...
Read more >Avoiding Circular Dependency Problems in AWS ...
While creating the stack AWS will throw a “Circular dependency between ... that allows all hosts in a Security Group to access each...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
I’m a bit stumped too, for example, defining an Rds instance in one stack, then dependent stacks wanting to attach SG rules seems to easily raise this error.
Is this supposed to work this way already? I tried creating a BastionLinuxHost in my FoundationStack. Then I create a DB instance in DBStack. Now an attempt to allow SG access from bastion to db using:
this.db.connections.allowDefaultPortFrom(props.bastionHost, 'Allow DB access from bastion')seems to result in a cyclic dependency?