aws-cdk: Can not create Pipeline. KMS Alias creation fails

❓ General Issue

The Question

I am trying to create a Pipeline, by reusing code I used in the past and was working. The stack creation fails with error

13/16 | 12:03:25 | CREATE_FAILED        | AWS::CodePipeline::Pipeline | ECSDemoFlaskSignupPipeline (ECSDemoFlaskSignupPipelineB0339F3C) Internal Failure

14/16 | 12:03:26 | CREATE_FAILED        | AWS::KMS::Alias             | ECSDemoFlaskSignupPipeline/ArtifactsBucketEncryptionKeyAlias (ECSDemoFlaskSignupPipelineArtifactsBucketEncryptionKeyAlias34AB1D1E) Resource creation cancelled

The KMS Alias does not exist already, so I don’t think this is related to https://github.com/aws/aws-cdk/issues/4374. I tried the workaround proposed there but it still fails. The error message is a bit different although

 13/15 | 12:18:00 | CREATE_FAILED        | AWS::CodePipeline::Pipeline | ECSDemoFlaskSignupPipeline (ECSDemoFlaskSignupPipelineB0339F3C) Internal Failure

The code I am using is here : https://github.com/sebsto/signup-flask-nginx-docker/blob/master/ecs/cdk-ecs-pipeline/lib/cdk-ecs-pipeline-stack.ts

Environment

  • CDK CLI Version: 
$ cdk --version
1.15.0 (build bdbe3aa)
  • Module Version: 
    "@aws-cdk/aws-codepipeline": "^1.15.0",
    "@aws-cdk/aws-codepipeline-actions": "^1.15.0",

  • OS: Mac OS Mojave

  • Language: Typescript

Other information

 12/16 | 12:03:25 | CREATE_IN_PROGRESS   | AWS::CodePipeline::Pipeline | ECSDemoFlaskSignupPipeline (ECSDemoFlaskSignupPipelineB0339F3C) 
 13/16 | 12:03:25 | CREATE_FAILED        | AWS::CodePipeline::Pipeline | ECSDemoFlaskSignupPipeline (ECSDemoFlaskSignupPipelineB0339F3C) Internal Failure
        new Pipeline (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/node_modules/@aws-cdk/aws-codepipeline/lib/pipeline.ts:251:26)
        \_ new CdkEcsPipelineStack (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/lib/cdk-ecs-pipeline-stack.ts:96:26)
        \_ Object.<anonymous> (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/bin/cdk-ecs-pipeline.ts:7:1)
        \_ Module._compile (internal/modules/cjs/loader.js:956:30)
        \_ Module.m._compile (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/node_modules/ts-node/src/index.ts:493:23)
        \_ Module._extensions..js (internal/modules/cjs/loader.js:973:10)
        \_ Object.require.extensions.<computed> [as .ts] (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/node_modules/ts-node/src/index.ts:496:12)
        \_ Module.load (internal/modules/cjs/loader.js:812:32)
        \_ Function.Module._load (internal/modules/cjs/loader.js:724:14)
        \_ Function.Module.runMain (internal/modules/cjs/loader.js:1025:10)
        \_ Object.<anonymous> (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/node_modules/ts-node/src/bin.ts:158:12)
        \_ Module._compile (internal/modules/cjs/loader.js:956:30)
        \_ Object.Module._extensions..js (internal/modules/cjs/loader.js:973:10)
        \_ Module.load (internal/modules/cjs/loader.js:812:32)
        \_ Function.Module._load (internal/modules/cjs/loader.js:724:14)
        \_ Function.Module.runMain (internal/modules/cjs/loader.js:1025:10)
        \_ /usr/local/lib/node_modules/npm/node_modules/libnpx/index.js:268:14
 14/16 | 12:03:26 | CREATE_FAILED        | AWS::KMS::Alias             | ECSDemoFlaskSignupPipeline/ArtifactsBucketEncryptionKeyAlias (ECSDemoFlaskSignupPipelineArtifactsBucketEncryptionKeyAlias34AB1D1E) Resource creation cancelled
        new Alias (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/node_modules/@aws-cdk/aws-kms/lib/alias.ts:153:22)
        \_ new Pipeline (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/node_modules/@aws-cdk/aws-codepipeline/lib/pipeline.ts:238:7)
        \_ new CdkEcsPipelineStack (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/lib/cdk-ecs-pipeline-stack.ts:96:26)
        \_ Object.<anonymous> (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/bin/cdk-ecs-pipeline.ts:7:1)
        \_ Module._compile (internal/modules/cjs/loader.js:956:30)
        \_ Module.m._compile (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/node_modules/ts-node/src/index.ts:493:23)
        \_ Module._extensions..js (internal/modules/cjs/loader.js:973:10)
        \_ Object.require.extensions.<computed> [as .ts] (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/node_modules/ts-node/src/index.ts:496:12)
        \_ Module.load (internal/modules/cjs/loader.js:812:32)
        \_ Function.Module._load (internal/modules/cjs/loader.js:724:14)
        \_ Function.Module.runMain (internal/modules/cjs/loader.js:1025:10)
        \_ Object.<anonymous> (/Users/stormacq/Documents/amazon/code/training/demo/signup-flask-nginx-docker/ecs/cdk-ecs-pipeline/node_modules/ts-node/src/bin.ts:158:12)
        \_ Module._compile (internal/modules/cjs/loader.js:956:30)
        \_ Object.Module._extensions..js (internal/modules/cjs/loader.js:973:10)
        \_ Module.load (internal/modules/cjs/loader.js:812:32)
        \_ Function.Module._load (internal/modules/cjs/loader.js:724:14)
        \_ Function.Module.runMain (internal/modules/cjs/loader.js:1025:10)
        \_ /usr/local/lib/node_modules/npm/node_modules/libnpx/index.js:268:14

About this issue

  • Original URL
  • State: closed
  • Created 5 years ago
  • Reactions: 1
  • Comments: 17 (12 by maintainers)

Most upvoted comments

+1

I’m getting the same error in us-east-1

$ cdk --version
1.15.0 (build bdbe3aa)

"@aws-cdk/aws-codepipeline": "^1.15.0",
"@aws-cdk/aws-codepipeline-actions": "^1.15.0",

@sebsto Where you able to resolve this?

Update: I fixed my issue. It ended up being that I forgot to add CodePipeline as an OAuth app on github. Once I did that and added the OAuth token to my SecretsManager, everything worked like a charm.

+7
tleef on Nov 8, 2019

If still someone coming here facing the same problem, following is a another scenario that you see this useless error message.

  • Make sure that your GITHUB_TOKEN is created and configured with the pipeline source action.
+5
jkdilunika on Feb 24, 2020

I think this happened to me because I used a non-existing Secret when I accessed it with

oauth_token=core.SecretValue.secrets_manager(...)

Yes, unfortunately that problem manifests itself in a rather ugly 500 error currently. However, I do know the CloudFormation team is planning to change that to handle it more gracefully.

+3
skinny85 on May 28, 2020
Read more comments on GitHub
← aws-cdk: Batch and UserData synths ok but fails deploy with: "Operation failed, ComputeEnvironment went INVALID with error: CLIENT_ERROR - Launch Template UserData is not MIME multipart format"
aws-cdk: Cannot add AutoScalingGroup to more than one Target Group →