question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

aws-sam-cli-managed-default stack rolled back with "The specified bucket is not valid" error

See original GitHub issue

Description:

When setting up a new sam project using sam init, then sam build and then sam deploy --guided, the Cloud Formation process fails with:

Error: Failed to create managed resources: Waiter StackCreateComplete failed: Waiter encountered a terminal failure state: For expression “Stacks[].StackStatus” we matched expected path: “ROLLBACK_COMPLETE” at least once

Steps to reproduce:

$ sam init
Which template source would you like to use?
	1 - AWS Quick Start Templates
	2 - Custom Template Location
Choice: 1
What package type would you like to use?
	1 - Zip (artifact is a zip uploaded to S3)
	2 - Image (artifact is an image uploaded to an ECR image repository)
Package type: 1

Which runtime would you like to use?
	1 - nodejs14.x
	2 - python3.9
	3 - ruby2.7
	4 - go1.x
	5 - java11
	6 - dotnetcore3.1
	7 - nodejs12.x
	8 - nodejs10.x
	9 - python3.8
	10 - python3.7
	11 - python3.6
	12 - python2.7
	13 - ruby2.5
	14 - java8.al2
	15 - java8
	16 - dotnetcore2.1
Runtime: 1

Project name [sam-app]: github-test-case

Cloning from https://github.com/aws/aws-sam-cli-app-templates

AWS quick start application templates:
	1 - Hello World Example
	2 - Step Functions Sample App (Stock Trader)
	3 - Quick Start: From Scratch
	4 - Quick Start: Scheduled Events
	5 - Quick Start: S3
	6 - Quick Start: SNS
	7 - Quick Start: SQS
	8 - Quick Start: Web Backend
Template selection: 1

    -----------------------
    Generating application:
    -----------------------
    Name: github-test-case
    Runtime: nodejs14.x
    Dependency Manager: npm
    Application Template: hello-world
    Output Directory: .

    Next steps can be found in the README file at ./github-test-case/README.md

$ cd github-test-case
$ sam deploy --guided --debug
2021-09-04 22:54:55,157 | Telemetry endpoint configured to be https://aws-serverless-tools-telemetry.us-west-2.amazonaws.com/metrics
2021-09-04 22:54:55,158 | Using config file: samconfig.toml, config environment: default
2021-09-04 22:54:55,158 | Expand command line arguments to:
2021-09-04 22:54:55,158 | --guided --template_file=/Users/nrj/Projects/github-test-case/template.yaml --stack_name=sam-app --fail_on_empty_changeset

Configuring SAM deploy
======================

	Looking for config file [samconfig.toml] :  Not found

	Setting default arguments for 'sam deploy'
	=========================================
	Stack Name [sam-app]: github-test-case
	AWS Region [eu-west-2]:
2021-09-04 22:55:01,053 | No Parameters detected in the template
2021-09-04 22:55:01,080 | 2 stacks found in the template
	#Shows you resources changes to be deployed and require a 'Y' to initiate deploy
	Confirm changes before deploy [y/N]:
	#SAM needs permission to be able to create roles to connect to the resources in your template
	Allow SAM CLI IAM role creation [Y/n]:
2021-09-04 22:55:03,600 | No Parameters detected in the template
2021-09-04 22:55:03,628 | 2 resources found in the stack
2021-09-04 22:55:03,628 | No Parameters detected in the template
2021-09-04 22:55:03,651 | Found Serverless function with name='HelloWorldFunction' and CodeUri='hello-world/'
2021-09-04 22:55:03,651 | --base-dir is not presented, adjusting uri hello-world/ relative to /Users/nrj/Projects/github-test-case/template.yaml
2021-09-04 22:55:03,651 | No Parameters detected in the template
2021-09-04 22:55:03,675 | Detected Inline Swagger definition
2021-09-04 22:55:03,675 | Auth checks done on swagger are not exhaustive!
	HelloWorldFunction may not have authorization defined, Is this okay? [y/N]: y
2021-09-04 22:55:05,117 | No Parameters detected in the template
2021-09-04 22:55:05,148 | 2 resources found in the stack
2021-09-04 22:55:05,148 | No Parameters detected in the template
2021-09-04 22:55:05,171 | Found Serverless function with name='HelloWorldFunction' and CodeUri='hello-world/'
2021-09-04 22:55:05,171 | --base-dir is not presented, adjusting uri hello-world/ relative to /Users/nrj/Projects/github-test-case/template.yaml
2021-09-04 22:55:05,171 | No function or layer definition found with code sign config, skipping
	Save arguments to configuration file [Y/n]:
	SAM configuration file [samconfig.toml]:
	SAM configuration environment [default]:

	Looking for resources needed for deployment:
2021-09-04 22:55:08,406 | Managed S3 stack [aws-sam-cli-managed-default] not found. Creating a new one.
	Creating the required resources...
2021-09-04 22:55:39,246 | Failed to create managed resources
Traceback (most recent call last):
  File "/usr/local/Cellar/aws-sam-cli/1.30.0/libexec/lib/python3.8/site-packages/samcli/lib/utils/managed_cloudformation_stack.py", line 107, in _create_or_get_stack
    stack = _create_stack(
  File "/usr/local/Cellar/aws-sam-cli/1.30.0/libexec/lib/python3.8/site-packages/samcli/lib/utils/managed_cloudformation_stack.py", line 180, in _create_stack
    stack_waiter.wait(StackName=stack_id, WaiterConfig={"Delay": 15, "MaxAttempts": 60})
  File "/usr/local/Cellar/aws-sam-cli/1.30.0/libexec/lib/python3.8/site-packages/botocore/waiter.py", line 53, in wait
    Waiter.wait(self, **kwargs)
  File "/usr/local/Cellar/aws-sam-cli/1.30.0/libexec/lib/python3.8/site-packages/botocore/waiter.py", line 350, in wait
    raise WaiterError(
botocore.exceptions.WaiterError: Waiter StackCreateComplete failed: Waiter encountered a terminal failure state: For expression "Stacks[].StackStatus" we matched expected path: "ROLLBACK_COMPLETE" at least once
2021-09-04 22:55:39,248 | Sending Telemetry: {'metrics': [{'commandRun': {'requestId': 'db327d08-08a0-4f89-8a28-983e73244651', 'installationId': 'ff7e8c7e-a91e-453d-a62a-c57922b8ef47', 'sessionId': '23501a9e-26a9-428b-a77a-4761f0c4f8f3', 'executionEnvironment': 'CLI', 'ci': False, 'pyversion': '3.8.12', 'samcliVersion': '1.30.0', 'awsProfileProvided': False, 'debugFlagProvided': True, 'region': '', 'commandName': 'sam deploy', 'duration': 44088, 'exitReason': 'ManagedStackError', 'exitCode': 1}}]}
2021-09-04 22:55:39,955 | HTTPSConnectionPool(host='aws-serverless-tools-telemetry.us-west-2.amazonaws.com', port=443): Read timed out. (read timeout=0.1)
Error: Failed to create managed resources: Waiter StackCreateComplete failed: Waiter encountered a terminal failure state: For expression "Stacks[].StackStatus" we matched expected path: "ROLLBACK_COMPLETE" at least once

Observed result:

The following error on the CLI:

Error: Failed to create managed resources: Waiter StackCreateComplete failed: Waiter encountered a terminal failure state: For expression “Stacks[].StackStatus” we matched expected path: “ROLLBACK_COMPLETE” at least once

An event on SamCliSourceBucketBucketPolicy in status CREATE_FAILED with error:

The specified bucket is not valid. (Service: Amazon S3; Status Code: 400; Error Code: InvalidBucketName; Request ID: RT87VR3Q5R82GMEN; S3 Extended Request ID: rD6481ZT7Xx0iMSXqKLIOg7Hwz/5PKMjA/FKqWze8fl7AQ16NCaDRnMuIEL5O0zrFQyQPnHonhU=; Proxy: null)

Expected result:

I’m not familiar with this tool, but I assume a working project?

Additional environment details (Ex: Windows, Mac, Amazon Linux etc)

  1. OS: macOS 11.5.1 (20G80)
  2. sam --version: SAM CLI, version 1.30.0
  3. AWS region: eu-west-2

Issue Analytics

  • State:closed
  • Created 2 years ago
  • Reactions:15
  • Comments:20 (4 by maintainers)

github_iconTop GitHub Comments

8reactions
CoshUScommented, Sep 9, 2021

Fix has been released in 1.31.0. https://github.com/aws/aws-sam-cli/releases/tag/v1.31.0 Please run sam delete --stack-name aws-sam-cli-managed-default to remove the broken managed stack before going through guided deploy or --resolve-s3 again.

3reactions
yobooooicommented, Mar 15, 2022

I’ve also encountered this issue on SAM CLI, version 1.40.1 but it was a permission issue in the account I was using. My role didn’t have the correct S3 permissions to create an encrypted bucket, which caused that default sam stack to fail. Or in some cases it could also be a SCP preventing encryption changes.

https://stackoverflow.com/questions/69839126/aws-iam-s3-error-putting-s3-server-side-encryption-configuration-accessdeni

Read more comments on GitHub >

github_iconTop Results From Across the Web

Stack failure options - AWS CloudFormation
To pause the rollback of failed resources in your stack, the following conditions must be met. You must specify the Preserve successfully provisioned...
Read more >
Error: Failed to create/update the stack: resume-stack, Waiter ...
I am trying to reproduce, step-by-step, the instructions on this video "Install AWS SAM CLI and create an S3 Bucket" from youtube, ...
Read more >
AWS CloudFormation Stack Failure Options - YouTube
In this video, you'll see how to use AWS CloudFormation stack failure options. With this feature, you can preserve the state of provisioned ......
Read more >
Tutorial to build Serverless application using the AWS ...
To do this, run the yum tool with the install command, specifying the OpenJDK ... to make a decision to whether a rollback...
Read more >
New! Disable Rollback for AWS CloudFormation - CloudHesive
Disable Rollback works exactly as it sounds and. ... the root cause for the failure to be identified, remediated and the stack creation...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found