Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

ASG policy not failing when AWS api call fails

See original GitHub issue

When I query for invalid ASGs, I’m intermittently hitting rate limit issues. The rate limit errors show up in the AWS api logs, but custodian reports 0 of 0 in the logs. Custodian should fail the run if it is not able to successfully pull back all resources to find invalid ASGs.

Custodian Logs

2018-03-27 02:31:51,925 - custodian.resources.securitygroup - DEBUG - Using cached c7n.resources.vpc.SecurityGroup: 0
2018-03-27 02:31:51,925 - custodian.resources.securitygroup - DEBUG - Filtered from 0 to 0 securitygroup

Cloudtrail Logs

DescribeSecurityGroups    us-west-2      CloudCustodian/0.8.28.1 Python/2.7.14 Linux/4.9.81-35.56.amzn1.x86_64 Botocore/1.8.48    Client.RequestLimitExceeded    Request limit exceeded.

Issue Analytics

  • State:open
  • Created 5 years ago
  • Comments:14 (4 by maintainers)

github_iconTop GitHub Comments

2reactions
mandeepbalcommented, Jun 22, 2018

I’m not sure how to replicate this issue. Similar to @domingosnovo 's account, my account has a bunch of stuff as well. I feel like at a minimum custodian should just throw an exception with Request limit exceeded., rather than returning 0 of 0.

2reactions
domingosnovocommented, Jun 21, 2018

So in resume, this is what’s happening for me:

  1. User runs a policy via CloudCustodian CLI (with caching disabled, so I wouldn’t expect the issue to be related to cache)
  2. Calls to the AWS API are rate limited, and eventually CloudCustodian gives up (doesn’t seem to be related to ELB only, as @mandeepbal experienced similar issues with EC2 calls)
  3. CloudCustodian exits with an exit code 0, while it should have bugged out instead (as the policy failed to run)
Read more comments on GitHub >

github_iconTop Results From Across the Web

EC2 instance launch failures - Amazon EC2 Auto Scaling
This page provides information about your EC2 instances that fail to launch, potential causes, and the steps you can take to resolve the...
Read more >
Troubleshoot Amazon EC2 Auto Scaling - AWS Documentation
Troubleshoot issues with Amazon EC2 Auto Scaling using descriptive error messages.
Read more >
Troubleshoot Amazon EC2 Auto Scaling issues
Call the describe-lifecycle-hooks command, specifying the name of the Amazon EC2 Auto Scaling group associated with the EC2 instances that failed to launch....
Read more >
Troubleshoot Amazon EC2 Auto Scaling: Load balancer issues
One or more target groups not found. Validating load balancer configuration failed. ... Problem: When your Auto Scaling group launches instances, Amazon EC2...
Read more >
Troubleshoot Amazon EC2 Auto Scaling: Health checks
Problem: Auto Scaling instances fail the Amazon EC2 status checks. ... EC2 instance that is not part of the Auto Scaling group and...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Filter for rds-param-group

Next page

security-group ingress filters do not support both OnlyPorts and Cidr