AWS Cloud Formation Stuck in Review_In_Progress

Asked 24/9, 2017 at 19:32 Answered 30/4 at 15:8

Solved aws-cloudformation aws-codepipeline

I was trying to set up AWS Code Pipeline with AWS SAM for Lambda using Java-8 as mentioned in the documentations

http://docs.aws.amazon.com/lambda/latest/dg/automating-deployment.html (example is in node.js though).

However, my Staging is stuck at CloudFormation Stack is stuck in REVIEW_IN_PROGRESS for a long time. Is there any way to debug this issue?

I don't see any further events coming in console. Is there any specific things to check for?

The template is as follow

$ aws codepipeline get-pipeline --region us-east-1 --name aws-lexbot-facebook-pipeline
{
    "pipeline": {
        "roleArn": "arn:aws:iam::XXXXXXXXXXXX:role/AWS-CodePipeline-Service", 
        "stages": [
            {
                "name": "Source", 
                "actions": [
                    {
                        "inputArtifacts": [], 
                        "name": "Source", 
                        "actionTypeId": {
                            "category": "Source", 
                            "owner": "ThirdParty", 
                            "version": "1", 
                            "provider": "GitHub"
                        }, 
                        "outputArtifacts": [
                            {
                                "name": "MyApp"
                            }
                        ], 
                        "configuration": {
                            "Owner": “xxxxxxx”, 
                            "Repo": "lexbot", 
                            "PollForSourceChanges": "true", 
                            "Branch": "master", 
                            "OAuthToken": "****"
                        }, 
                        "runOrder": 1
                    }
                ]
            }, 
            {
                "name": "Build", 
                "actions": [
                    {
                        "inputArtifacts": [
                            {
                                "name": "MyApp"
                            }
                        ], 
                        "name": "CodeBuild", 
                        "actionTypeId": {
                            "category": "Build", 
                            "owner": "AWS", 
                            "version": "1", 
                            "provider": "CodeBuild"
                        }, 
                        "outputArtifacts": [
                            {
                                "name": "MyAppBuild"
                            }
                        ], 
                        "configuration": {
                            "ProjectName": "aws-lexbot-facebook-codebuild"
                        }, 
                        "runOrder": 1
                    }
                ]
            }, 
            {
                "name": "Staging", 
                "actions": [
                    {
                        "inputArtifacts": [
                            {
                                "name": "MyAppBuild"
                            }
                        ], 
                        "name": "LexBotBetaStack", 
                        "actionTypeId": {
                            "category": "Deploy", 
                            "owner": "AWS", 
                            "version": "1", 
                            "provider": "CloudFormation"
                        }, 
                        "outputArtifacts": [], 
                        "configuration": {
                            "ActionMode": "CHANGE_SET_REPLACE", 
                            "ChangeSetName": "LexBotChangeSet", 
                            "RoleArn": "arn:aws:iam::XXXXXXXXXXX:role/cloudformation-lambda-execution-role", 
                            "Capabilities": "CAPABILITY_IAM", 
                            "StackName": "LexBotBetaStack", 
                            "TemplatePath": "MyAppBuild::SamTemplate.yaml"
                        }, 
                        "runOrder": 1
                    }
                ]
            }
        ], 
        "artifactStore": {
            "type": "S3", 
            "location": “XXXXXX-us-east-1-987802409920"
        }, 
        "name": "aws-lexbot-facebook-pipeline", 
        "version": 1
    }
}

Dollarbird answered 24/9, 2017 at 19:32 Comment(2)

Can you post the CodePipeline steps? – Superstratum 25/9, 2017 at 2:25

Hi.. I edited the post with the template – Dollarbird 25/9, 2017 at 4:4

Overview

In your CodePipeline step, you're using the CHANGE_SET_CREATE action mode. This creates a change set on the CloudFormation Stack, but does not automatically execute it. You would need a second action that executes the change set using CHANGE_SET_EXECUTE. Alternatively, you can change the action mode on your action to CREATE_UPDATE which should directly update your action.

One reason you might want to use CHANGE_SET_CREATE and CHANGE_SET_EXECUTE in CodePipeline, is if you want to have an approval step between them. If you are expecting this to be completed automatically, I'd recommend CREATE_UPDATE.

CREATE_UPDATE example

Below is your CodePipeline Staging stage, but using CREATE_UPDATE instead of CREATE_CHANGE_SET. This creates a new stack named stack, or updates the existing one if one with that name already exists.

{
    "inputArtifacts": [
        {
            "name": "MyAppBuild"
        }
    ], 
    "name": "LexBotBetaStack", 
    "actionTypeId": {
        "category": "Deploy", 
        "owner": "AWS", 
        "version": "1", 
        "provider": "CloudFormation"
    }, 
    "outputArtifacts": [], 
    "configuration": {
        "ActionMode": "CREATE_UPDATE", 
        "ChangeSetName": "LexBotChangeSet", 
        "RoleArn": "arn:aws:iam::XXXXXXXXXXX:role/cloudformation-lambda-execution-role", 
        "Capabilities": "CAPABILITY_IAM", 
        "StackName": "LexBotBetaStack", 
        "TemplatePath": "MyAppBuild::SamTemplate.yaml"
    }, 
    "runOrder": 1
}

CHANGE_SET_CREATE and CHANGE_SET_EXECUTE example

Below is an example of how you could use CHANGE_SET_CREATE and CHANGE_SET_EXECUTE together. It first creates a change set, on the named stack, then executes that change set. It's really useful if you want to have a CodePipeline Approval step between the change set, and executing it, so you can review the intended changes.

{
    "inputArtifacts": [
        {
            "name": "MyAppBuild"
        }
    ], 
    "name": "LexBotBetaStackChangeSet", 
    "actionTypeId": {
        "category": "Deploy", 
        "owner": "AWS", 
        "version": "1", 
        "provider": "CloudFormation"
    }, 
    "outputArtifacts": [], 
    "configuration": {
        "ActionMode": "CHANGE_SET_REPLACE", 
        "ChangeSetName": "LexBotChangeSet", 
        "RoleArn": "arn:aws:iam::XXXXXXXXXXX:role/cloudformation-lambda-execution-role", 
        "Capabilities": "CAPABILITY_IAM", 
        "StackName": "LexBotBetaStack", 
        "TemplatePath": "MyAppBuild::SamTemplate.yaml"
    }, 
    "runOrder": 1
},
{
    "name": "LexBotBetaStackExecute", 
    "actionTypeId": {
        "category": "Deploy", 
        "owner": "AWS", 
        "version": "1", 
        "provider": "CloudFormation"
    }, 
    "configuration": {
        "ActionMode": "CHANGE_SET_EXECUTE", 
        "ChangeSetName": "LexBotChangeSet", 
        "StackName": "LexBotBetaStack", 
    }, 
    "runOrder": 2
}

Superstratum answered 25/9, 2017 at 14:11 Comment(3)

Thank you for your explanations. I tried both. The first (CREATE_UPDATE) dint work. But adding a second execute step worked. – Dollarbird 25/9, 2017 at 16:48

Cool, if this fixes your problem, want to mark it as accepted? That way people with similar issues can more reliably find the answer – Superstratum 25/9, 2017 at 17:2

I just did accept that answer. Thanks a lot once again – Dollarbird 25/9, 2017 at 17:8

I went to the change set and hit the execute button so it now shows CREATION_IN_PROGRESS.

Loco answered 18/9, 2018 at 14:6 Comment(0)

Some one has already answered, but for more clarity, Please refer below screenshot. Click on Change Sets and then select the change set and hit Execute.

Deas answered 14/3, 2022 at 4:8 Comment(1)

Thanks, just the answer I needed. Day saved :) – Freakish 17/6, 2022 at 9:54

This can be due to some service bug in your template file/troposphere code. Make sure you can visualize the cf tree to check how the services communicate.

Countermove answered 4/1, 2022 at 12:51 Comment(1)

As it’s currently written, your answer is unclear. Please edit to add additional details that will help others understand how this addresses the question asked. You can find more information on how to write good answers in the help center. – Jellicoe 4/1, 2022 at 18:6

This issue can also come up if you trigger an aws cloudformation using an IAM role that is missing:

            - cloudformation:CreateChangeSet
            - cloudformation:DescribeChangeSet
            - cloudformation:ExecuteChangeSet
            - cloudformation:DeleteChangeSet

Drawee answered 30/4 at 15:5 Comment(0)

This issue can also come up if "whatever triggers the aws cloudformation deploy" uses an IAM role that is missing:

        - cloudformation:CreateChangeSet
        - cloudformation:DescribeChangeSet
        - cloudformation:ExecuteChangeSet
        - cloudformation:DeleteChangeSet

Drawee answered 30/4 at 15:8 Comment(0)

Recommended topics

Hot tags