Error while deploying: AWS_ACCESS_KEY_ID reserved environment variable


#1

Hello,

I was trying to deploy my sample jetsapp (https://github.com/jalerson/jetsapp), using Dynamoid (https://github.com/Dynamoid/dynamoid) instead of dynomite. However, after executing jets deploy, I’m getting the following error:

Deploying CloudFormation stack with jets app!
12:25:02PM UPDATE_IN_PROGRESS AWS::CloudFormation::Stack jetsapp-dev User Initiated
12:25:07PM CREATE_IN_PROGRESS AWS::CloudFormation::Stack ApiGateway 
12:25:08PM CREATE_IN_PROGRESS AWS::Lambda::LayerVersion GemLayer 
12:25:08PM CREATE_IN_PROGRESS AWS::IAM::Role IamRole 
12:25:08PM CREATE_IN_PROGRESS AWS::CloudFormation::Stack ApiGateway Resource creation Initiated
12:25:09PM CREATE_IN_PROGRESS AWS::IAM::Role IamRole Resource creation Initiated
12:25:20PM CREATE_IN_PROGRESS AWS::Lambda::LayerVersion GemLayer Resource creation Initiated
12:25:20PM CREATE_COMPLETE AWS::Lambda::LayerVersion GemLayer 
12:25:25PM CREATE_COMPLETE AWS::IAM::Role IamRole 
12:25:28PM CREATE_IN_PROGRESS AWS::CloudFormation::Stack JetsPreheatJob 
12:25:29PM CREATE_IN_PROGRESS AWS::CloudFormation::Stack JetsPreheatJob Resource creation Initiated
12:25:30PM CREATE_COMPLETE AWS::CloudFormation::Stack ApiGateway 
12:25:32PM CREATE_IN_PROGRESS AWS::CloudFormation::Stack WebhooksController 
12:25:33PM CREATE_IN_PROGRESS AWS::CloudFormation::Stack WebhooksController Resource creation Initiated
12:25:55PM CREATE_FAILED AWS::CloudFormation::Stack WebhooksController Embedded stack arn:aws:cloudformation:eu-central-1:***:stack/jetsapp-dev-WebhooksController-JXG6Q6C06HL7/c692e9f0-165c-11e9-b41d-0649507b8a60 was not successfully created: The following resource(s) failed to create: [GithubLambdaFunction]. 
12:25:56PM CREATE_FAILED AWS::CloudFormation::Stack JetsPreheatJob Resource creation cancelled
12:25:57PM UPDATE_ROLLBACK_IN_PROGRESS AWS::CloudFormation::Stack jetsapp-dev The following resource(s) failed to create: [WebhooksController, JetsPreheatJob].

Deployment creation failed
#2

Thanks for the example application. Used it and just deployed successfully with it:

$ git clone https://github.com/jalerson/jetsapp.git
$ cd jetsapp
$ jets deploy
...
10:59:15PM UPDATE_COMPLETE_CLEANUP_IN_PROGRESS AWS::CloudFormation::Stack jetsapp-dev 
10:59:15PM UPDATE_COMPLETE AWS::CloudFormation::Stack jetsapp-dev 
Stack success status: UPDATE_COMPLETE
Time took for stack deployment: 2m 11s.
Prewarming application.
API Gateway Endpoint: https://o7zruxs9qf.execute-api.us-west-2.amazonaws.com/dev/
$ 

You get an error when you deploy though and that error is:

12:25:55PM CREATE_FAILED AWS::CloudFormation::Stack WebhooksController Embedded stack arn:aws:cloudformation:eu-central-1:***:stack/jetsapp-dev-WebhooksController-JXG6Q6C06HL7/c692e9f0-165c-11e9-b41d-0649507b8a60 was not successfully created: The following resource(s) failed to create: [GithubLambdaFunction]. 

Jets logs the parent stack events and tells us that it happened in the WebhooksController stack. If you go to the CloudFormation stacks and click on the WebhooksController stack while it is deploying you’ll be able to see the actual nested stack error. You have to do it while the code is deploying because when it fails, the stack will rollback and the nested stacks get cleaned up.

Here’s what the CloudFormation console looks like (in my case my stack successfully finished)

Taking a bit of stab here. Thinking the IAM user you’re using does not have IAM permission to create Lambda functions. If that turns out to be the case, this is helpful http://rubyonjets.com/docs/minimal-deploy-iam/

But seeing the child stack’s error will be helpful :ok_hand:


#3

Hi @tung, thanks for your quick reply!

As recommended, I took a look at the WebhooksController stack events and them I found a detailed error message: I was using reserved environment variable names: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and AWS_REGION. I just renamed them removing the AWS_ prefix, and now it’s working perfectly.

Thanks a lot for you quick support on this!


#4

For posterity and others: Added some validation for jets deploy to check special reserved Lambda environment variables.

Jets checks for special environment variables, stops the deploy and let’s users know as of release 1.5.5