Amplify-cli: build failure on "CREATE_FAILED SNSRole"
Note: If your issue/bug is regarding the AWS Amplify Console service, please log it in the
official AWS Amplify Console forum
Describe the bug
I am getting a build failure on "CREATE_FAILED SNSRole"
I added Auth using "amplify auth add", then i pushed using "amplify push". I commited my latest changes to AWS CodeCommit. During the build it failed on
# Starting phase: build
# Executing command: amplifyPush --simple
2019-04-28T06:51:29.295Z [INFO]: # Getting Amplify CLI Cloud-Formation stack info from environment cache
2019-04-28T06:51:29.322Z [INFO]: # Start initializing Amplify environment: master
2019-04-28T06:51:29.324Z [INFO]: STACKINFO={
"awscloudformation": {
"AuthRoleName": "aws-amplify-20190316163924-authRole",
"UnauthRoleArn": "arn:aws:iam::113026965814:role/aws-amplify-20190316163924-unauthRole",
"AuthRoleArn": "arn:aws:iam::113026965814:role/aws-amplify-20190316163924-authRole",
"Region": "us-west-2",
"DeploymentBucketName": "aws-amplify-20190316163924-deployment",
"UnauthRoleName": "aws-amplify-20190316163924-unauthRole",
"StackName": "aws-amplify-20190316163924",
"StackId": "arn:aws:cloudformation:us-west-2:113026965814:stack/aws-amplify-20190316163924/1d610510-484d-11e9-ab7c-0ad0021418ba"
},
"categories": {
"auth": {
"cognito91d36e32": {},
"cognitobeb76591": {}
}
}
}
# Importing Amplify environment: master (amplify env import)
2019-04-28T06:51:37.178Z [INFO]: Successfully added environment from your project
2019-04-28T06:51:37.185Z [INFO]: # Initializing existing Amplify environment: master (amplify init)
2019-04-28T06:51:38.620Z [INFO]: Note: It is recommended to run this command from the root of your app directory
2019-04-28T06:51:40.934Z [WARNING]: - Initializing your environment: master
2019-04-28T06:51:41.290Z [WARNING]: ✔ Initialized provider successfully.
2019-04-28T06:51:41.518Z [WARNING]: - Updating resources in the cloud. This may take a few minutes...
2019-04-28T06:51:47.355Z [INFO]:
2019-04-28T06:51:47.358Z [INFO]: UPDATE_IN_PROGRESS aws-amplify-20190316163924 AWS::CloudFormation::Stack Sun Apr 28 2019 06:51:42 GMT+0000 (UTC) User Initiated
2019-04-28T06:51:52.285Z [INFO]:
2019-04-28T06:51:52.288Z [INFO]: CREATE_IN_PROGRESS authcognitoa948af67 AWS::CloudFormation::Stack Sun Apr 28 2019 06:51:47 GMT+0000 (UTC)
CREATE_IN_PROGRESS authcognitoa948af67 AWS::CloudFormation::Stack Sun Apr 28 2019 06:51:49 GMT+0000 (UTC) Resource creation Initiated
2019-04-28T06:51:52.328Z [INFO]:
2019-04-28T06:51:52.331Z [INFO]: CREATE_IN_PROGRESS aws-amplify-20190316163924-authcognitoa948af67-W9WQIC0ATZ2D AWS::CloudFormation::Stack Sun Apr 28 2019 06:51:48 GMT+0000 (UTC) User Initiated
2019-04-28T06:51:57.414Z [INFO]:
2019-04-28T06:51:57.416Z [INFO]: CREATE_IN_PROGRESS SNSRole AWS::IAM::Role Sun Apr 28 2019 06:51:56 GMT+0000 (UTC)
CREATE_FAILED SNSRole AWS::IAM::Role Sun Apr 28 2019 06:51:56 GMT+0000 (UTC) cognitoa948af67_sns-role-master already exists in stack arn:aws:cloudformation:us-west-2:113026965814:stack/projectname-20190427215707-authcognitoa948af67-15ZQGBT9KRHJV/b71d7b40-697a-11e9-b512-067128db80fc
CREATE_FAILED aws-amplify-20190316163924-authcognitoa948af67-W9WQIC0ATZ2D AWS::CloudFormation::Stack Sun Apr 28 2019 06:51:56 GMT+0000 (UTC) The following resource(s) failed to create: [SNSRole].
2019-04-28T06:52:02.376Z [INFO]:
2019-04-28T06:52:02.380Z [INFO]: CREATE_FAILED authcognitoa948af67 AWS::CloudFormation::Stack Sun Apr 28 2019 06:51:59 GMT+0000 (UTC) Embedded stack arn:aws:cloudformation:us-west-2:113026965814:stack/aws-amplify-20190316163924-authcognitoa948af67-W9WQIC0ATZ2D/185465c0-6982-11e9-a600-0aeceae62d6e was not successfully created: The following resource(s) failed to create: [SNSRole].
UPDATE_ROLLBACK_IN_PROGRESS aws-amplify-20190316163924 AWS::CloudFormation::Stack Sun Apr 28 2019 06:52:00 GMT+0000 (UTC) The following resource(s) failed to create: [authcognitoa948af67].
2019-04-28T06:52:07.289Z [INFO]:
2019-04-28T06:52:07.292Z [INFO]: UPDATE_ROLLBACK_COMPLETE_CLEANUP_IN_PROGRESS aws-amplify-20190316163924 AWS::CloudFormation::Stack Sun Apr 28 2019 06:52:04 GMT+0000 (UTC)
...
neopan1600
All 16 comments
I noticed there are two older cognito auth id's listed in the cloudformation, but not the one that failed
"auth": {
"cognito91d36e32": {},
"cognitobeb76591": {}
}
is there a way to update this?
neopan1600
on 28 Apr 2019
@neopan1600 do you have 2 environments with same name in 2 different AWS region? What region do you use for local development and what region do you use in Amplify Console?
yuth
on 30 Apr 2019
right now i only have a master environment. the local dev and deployed version are both "us-west-2". I checked "team-provide-info.json" to verify. I also looked at the amplify console for the "us-west-2" region. for user pool, only "cognitoa948af67" exists (i deleted others), for identity "cognitobeb76591" and "cognito704b3e59" (this is different than the one in the error).
I tried to rethink all the steps i did to this point, not sure if it is helpful info:
when i originally created the project, i installed the AWS locally and created the IAM user and the userpool. after i finally got it build correctly using codecommit (there was a Cloudformation setting i didn't have set up), i finally was able to get it to build without errors. i know during that testing i tried re-init a few times("amplify init") and creating a new user, seeing if that would fix it.
anyways after the successful build, my userpool was empty (test users gone). and i was getting a user pool error both locally and on the deployed version. so i re-added the auth "amplify auth add". got everything working locally.
ADDENDUM: i forgot to mention that I added hosting to S3bucket and CF. but when i did "amplify publish" I was getting an error. after i failed a few times, i removed the hosting. So i tried to see if I could get it to build using codecommit.
then i pushed all my changes to codecommit, and now i get the failure during deploy.
neopan1600
on 30 Apr 2019
@yuth I noticed something on CodeCommit for the "team-provide-info.json" file, i forgot i renamed the project from the default (aws-amplify..). and both (this current stack name and original stack name) still exist in the cloudformation. the one with aws-amplify name, created a nested one with different auth (cognito704b3e59 - no users), a few minutes before the one with my current project (cognitoa948af67 - this one has my current test user). do you think this is causing the conflict? did i forget to delete/edit a file?
neopan1600
on 1 May 2019
@yuth would it be cleaner/better to restart the amplify process all over? "amplify init" => "amplify push" => "amplify auth add" => "amplify push" => "amplify hosting add" => "amplify publish" ? how can i disassociate with the current cloudformation and code commit? (delete the "amplify" folder?)
neopan1600
on 2 May 2019
It would be easier to create a new environment instead of recreating it all over.
yuth
on 2 May 2019
Ok thank you. i'll go that route and test it this evening and create a dev environment. Should i also delete the current environment "amplify env remove master" or give master a new name. @yuth
neopan1600
on 2 May 2019
@yuth i think creating new environment worked. atleast building it completes and deploys. when i click on the "sign in" button it doesn't do anything, the console says "Cannot read property 'preventDefault' of undefined" on the SignIn.js page. If click on sign-up page and try to sign-up, it gets a 400 error to https://cognito-idp.us-west-2.amazonaws.com/
But if i copy the local build files to an S3 bucket and set it up as a Static Website, it can log in and connect to the user pool. I'm not sure if this related to the User Pool or build process on AWS-Amplify.
neopan1600
on 2 May 2019
Getting this a well. Not impressed so far with the framework and all the errors and issues it is generating
tomrum
on 12 Feb 2020
I think the issue should be reopened, there was a name clashwith another project I ran before, but one that had a project name completely different... the snsdev-dev automated name for a role should not be so prone to be replicated (probably because both projects had a dev environment?) It should be something more difficult to clash or let cloudformation create it for you , in my case this happened:
Resource Name: SNSRole (AWS::IAM::Role)
Event Type: create
Reason: snsdev-dev already exists in stack arn:aws:cloudformation
marcosnr
on 12 Mar 2020
I also got stuck on this as long as I was using the same environment name i.e. dev to be specific. when I did an amplify delete and manually deleted (actually an S3 bucket was not getting deleted) some resources from the console and re did the amplify init with development as environment name, all got fixed.
pks90
on 13 Apr 2020
I can't get over my frustration with this framework. Every single error I run into is a well known issue that is asked multiple times with no helpful information.
It is even more insulting to constantly see "same issue, closing. Same issue, closing." and all of the issues are dead, have no info, or just have more and more people piling onto this. Even worse when they're closed after a pull request but I'm still having the issue.
amplify init && amplify add auth && amplify add api from a brand new repo already broke my amplify project. And i did the exact same thing a week ago with no problems. I have no idea where to begin to look
Looks like my issue was not not using amplify push after auth before amplify add api.
So:
amplify init && amplify add auth && amplify push
amplify add api && amplify push
I only believe this to be the case because this was the only way to avoid the create sns dev role error.
heondo
on 28 Apr 2020
@heondo Sorry to hear your experience. I would like to help you out here - what's the error that you were seeing when running amplify push without adding auth? Was it the same as "CREATE_FAILED SNSRole" as mentioned in the description of this issue?
kaustavghosh06
on 28 Apr 2020
@kaustavghosh06
I appreciate the reply and your general activity on this site. I was having the same error creating the SNS role when attempting to push a new amplify project after adding api and auth from the CLI.
Three new projects I ran into the same error but breaking it up into
amplify init && amplify add auth && amplify push
amplfiy add api && amplify push lets me successfuly push my project with no errors.
heondo
on 29 Apr 2020
I run into the same issue. I run into it when running two different amplify projects that have the same environment name.
They both try to create an SNSRole named something like smsmaster-master which fits the template sns${git-branch}-${environment}.
All the other IAM accounts created have both the project name and some randomish number as a prefix . But these SNS accounts don't have any project or random-ish number prefixes.
Can these SNS roles be created such that they're distinct for each amplify project? That seems like a minimum and would be consistent with all the other IAM accounts produced.
fozziethebeat
on 29 Apr 2020
@heondo @fozziethebeat I believe this issue was tied to this - #3687 and we mitigated th issue with the latest release. So if you initialize a project with the latest version - you wouldn't see this conflict. Seems like it was tied to project-names with hyphens.
kaustavghosh06
on 29 Apr 2020
Related issues
jeanpaulcozzatti
·
3Comments
ReidWeb
·
3Comments
kangks
·
3Comments
nicksmithr
·
3Comments
davo301
·
3Comments
Most helpful comment
Getting this a well. Not impressed so far with the framework and all the errors and issues it is generating