List of Errors
This section covers how to handle errors encountered during bootstrapping and deployment.
1. SSOTokenProviderFailure
Error: SSOTokenProviderFailure: SSO Token refresh failed. Please log in using "aws sso login"
Solution: This error occurs when your SSO token has expired. You can re-authenticate for another session (valid for 1 hour) by running:
aws sso login --profile [profile name]
2. This CDK CLI is not compatible
Error: This CDK CLI is not compatible with the CDK library used by your application. Please upgrade the CLI to the latest version.
Solution: This error occurs when there are problems with the symlink and mismatch with globally installed aws-cdk. Refer to this (opens in a new tab).
3. CDK deployment requires bootstrap stack version '6'
Error: This CDK deployment requires bootstrap stack version '6', but during the confirmation via SSM parameter.
Solution: The cdk synth step creates a number of resources for your app. One of those resources is a check that the deploying tool has the correct version. This is an error that would happen, if you ran cdk deploy with an out-of-date bootstrap (opens in a new tab).
- Delete
cdk.out
folder
- Go to
S3
in the AWS Management Console, select the bucket, andEmpty
it first. Once the bucket is emptied, you can thenDelete
it.
- Go to
CloudFormation
in the AWS Management Console, select theCDKToolkit
, and click onDelete
.
If delete fails, try to delete again and select force delete.
- Run bootstrap and deploy command again.
cdk bootstrap --qualifier [qualifier name] --profile [profile name]
cdk deploy --qualifier [qualifier name] --require-approval never --profile [profile name]
4. P1000: Authentication failed
Error: P1000: Authentication failed against database server at localhost, the provided database credentials for *** are not valid.
Solution: This error can occur under two circumstances.
- GitHub CI/CD is handling the "Apply all pending migrations to the database" section. Ensure that the single quote is not omitted.
DATABASE_URL='postgresql://${{ secrets.STAGING_DB_USERNAME }}:${{ secrets.STAGING_DB_PWD }}@localhost:${{ secrets.DB_PORT }}/${{ secrets.STAGING_DB_NAME }}?schema=public' npx prisma migrate deploy
- You are running
docker-compose.yml
. Two Postgresql instances are running at the same time. For example locally installed postgresql and in the docker instance.
- Can be fixed by removing Postgres locally from your Mac/Windows machine.
5. Role arn:aws:iam:.... is invalid or cannot be assumed
Error: Role arn:aws:iam::account-id:role/cdk-launchgoat-cfn-exec-role-account-id-us-east-1 is invalid or cannot be assumed
Solution: This error occurs when you tried to run cdk destroy
. It can happen when you deleted above role (cdk-launchgoat-cfn-exec-role-account-id-us-east-1
) from IAM or you manually deleted S3 asset from bootstrapping. You need to create that role again. Refer to this (opens in a new tab).
5. This site can’t be reached (NOTE: this is the solution for initial deployment)
Error: This site can’t be reached ecsalb-[id].us-east-1.elb.amazonaws.com took too long to respond.
Solution: This error occurs when your Node.js application has an error or the DNS did not get resolved.
-
Check the
Logs
in your ECSService
. Go toECS
in the AWS Management Console, select the cluster. -
Select the service.
- Select the
Logs
tab and check if there is any error.
-
If there is an error, fix your error based on the error message and destroy all resources then redeploy.
-
If you can't find any errors, it might be because you are on HTTPS. Switch to HTTP and try again.
6. Could not assume role with OIDC
Error: Could not assume role with OIDC: Not authorized to perform sts:AssumeRoleWithWebIdentity
Solution: This error occurs during the Configure AWS credentials
process in the CI/CD deployment.
This is probably because you have set the wrong GitHub repository. Go to IAM > Roles > githubOIDCDeployRole
. Try updating the repository values by clicking on Edit trust policy
.
If it still doesn't work, run cdk destroy
to remove all resources, check your cdk/.env
file for the correct GitHub values, and then redeploy. i.e. For production
GITHUB_ORG=
GITHUB_REPO=AWSLaunchGOAT-backend
GITHUB_BRANCH=main
7. Specify an environment name like 'aws://123456789012/us-east-1'
Error: Specify an environment name like 'aws://123456789012/us-east-1', or run in a directory with 'cdk.json'.
Solution: This error occurs when you are not in the cdk
folder and run cdk commands. Make sure you are in the cdk
folder, i.e., cd cdk
.
8. Cannot connect to the Docker daemon at ...
Error: ERROR: Cannot connect to the Docker daemon at unix:///Users/.../.docker/run/docker.sock. Is the docker daemon running?
Solution: This error occurs when you run cdk commands without starting the Docker Desktop app. Make sure to run it first.
9. [Error at /CdkStack/ACM] Found zones:
Error: [Error at /CdkStack/ACM] Found zones: [] for dns:....com, privateZone:undefined, vpcId:undefined, but wanted exactly 1 zone
Solution: This error occurs when you do not specify DNS settings through AWS Route 53. Make sure you have a hosted zone set up in your AWS account, and try again.
10. Error: P1001: Can't reach database server at localhost:***
Error: Error: P1001: Can't reach database server at localhost:*** Please make sure your database server is running at localhost:***.
Solution: The error occurs when the correct values for DATABASE_URL
are not specified. Ensure that you copy the database values from AWS Secrets Manager and paste them into GitHub Secrets. Also make sure you get EC2_INSTANCE_ID
in GitHub Secrets from EC2. You can refer to this.
11. CdkStack: destroy failed Error: Could not assume role...
Error: CdkStack: destroy failed Error: Could not assume role in target account using current credentials (which are for account ...)
Solution: The error occurs when you ran cdk
commands such as cdk destroy --profile ...
. Go to your cdk/.env
and uncomment the profile you want to use (either staging or production) and comment out the other one.
12. CdkStack: UPDATE_IN_PROGRESS state and can not be updated
Solution: The error occurs when you run cdk
commands, such as cdk destroy --profile ...
, but CloudFormation is still in progress and cannot be deleted. There can be various reasons for this, and the solution depends on which stack is causing the issue. If you just want to delete the entire stack, go to CloudFormation and select the stack with UPDATE_IN_PROGRESS
then select Cancel update state
.
Once the state becomes UPDATE_ROLLBACK_COMPLETE
, you can rerun the cdk command.