Hi guys,
I have a problem with deploy the script, always says 'CREATE_FAILED'. First, try to resolve that myself and don't have luck, after that, make a support ticket under AWS, and give me this feedback:
I have investigated the issue and determined the error is 'CREATE_FAILED' on resource 'SSMWaitCondition' with the reason being 'Failed to receive 1 resource signal(s) within the specified duration'. This error occurs when the timeout period elapses without a response being received from the instance being launched [1].
I have investigated the issue further by analyzing all the failed API calls made by the CloudFormation stack and found that several resources were not found with the respective error messages:
// Policies
- WSUS-SSM-AutomationExecution
- aws-quick-start-s3-policy
- root
- WSUS-SSM-PassRole
- QS-WSUS-SSM-PassRole
- QS-WSUS-SSM
with error NoSuchEntityException.
// LogGroup
- /aws/Quick_Start/Microsoft-WSUS
with error ResourceNotFoundException.
These resources, however, are defined in the CloudFormation template but since they may all be created at the same time this results in CloudFormation checking for their existence while they are still in the process of creation, leading to the errors previously stated.
An example of a resource which is dependent on one being simultaneously created is where resource 'AWSQuickstartWSUSRole' is used in 'WSUSSSMPassRolePolicy' ,
WSUSSSMPassRolePolicy:
Type: AWS::IAM::Policy
Properties:
PolicyName: WSUS-SSM-PassRole
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- iam:PassRole
Resource: !Sub 'arn:${AWS::Partition}:iam::${AWS::AccountId}:role/${AWSQuickstartWSUSRole}'
Roles:
- !Ref 'AWSQuickstartWSUSRole'
Like the above there exists other implicit dependency of other resources like 'QuickStartLogs','AWSQuickstartWSUSRole' etc. in resources like 'WSUSAutomation' etc.
Pre-determining the order of resource creation can prevent these from occurring. The 'DependsOn' attribute in the CFN template.DependsOn attribute can be used to specify that the creation of a specific resource follows another. When you add a DependsOn attribute to a resource, that resource is created only after the creation of the resource specified in the DependsOn attribute.
You can help me to resolve this issue ???
Thanks so much !!!
Kind regards.
Hi guys,
I have a problem with deploy the script, always says 'CREATE_FAILED'. First, try to resolve that myself and don't have luck, after that, make a support ticket under AWS, and give me this feedback:
I have investigated the issue and determined the error is 'CREATE_FAILED' on resource 'SSMWaitCondition' with the reason being 'Failed to receive 1 resource signal(s) within the specified duration'. This error occurs when the timeout period elapses without a response being received from the instance being launched [1].
I have investigated the issue further by analyzing all the failed API calls made by the CloudFormation stack and found that several resources were not found with the respective error messages:
// Policies
with error NoSuchEntityException.
// LogGroup
with error ResourceNotFoundException.
These resources, however, are defined in the CloudFormation template but since they may all be created at the same time this results in CloudFormation checking for their existence while they are still in the process of creation, leading to the errors previously stated.
An example of a resource which is dependent on one being simultaneously created is where resource 'AWSQuickstartWSUSRole' is used in 'WSUSSSMPassRolePolicy' ,
WSUSSSMPassRolePolicy:
Type: AWS::IAM::Policy
Properties:
PolicyName: WSUS-SSM-PassRole
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- iam:PassRole
Resource: !Sub 'arn:${AWS::Partition}:iam::${AWS::AccountId}:role/${AWSQuickstartWSUSRole}'
Roles:
- !Ref 'AWSQuickstartWSUSRole'
Like the above there exists other implicit dependency of other resources like 'QuickStartLogs','AWSQuickstartWSUSRole' etc. in resources like 'WSUSAutomation' etc.
Pre-determining the order of resource creation can prevent these from occurring. The 'DependsOn' attribute in the CFN template.DependsOn attribute can be used to specify that the creation of a specific resource follows another. When you add a DependsOn attribute to a resource, that resource is created only after the creation of the resource specified in the DependsOn attribute.
You can help me to resolve this issue ???
Thanks so much !!!
Kind regards.