while deleting CDK, it gives error of role and not deleting the stack

Question

while deleting CDK, it gives error of role and not deleting the stack

tarunhere opened this issue 2 years ago · 4 comments

Describe the bug

I tried to delete the stack after the demo learning but it is failing from cli and UI as well with following error message in console (cli)

Are you sure you want to delete: CdkWorkshopStack (y/n)? y
CdkWorkshopStack: destroying... [1/1]
current credentials could not be used to assume 'arn:aws:iam::*****:role/cdk-hnb61111ds-deploy-role-59763#######-ap-south-1', but are for the right account. Proceeding anyway.

 ❌  CdkWorkshopStack: destroy failed Error: Role arn:aws:iam::59763*******:role/cdk-hnb6xxxxds-cfn-exec-role-59763*****-ap-south-1 is invalid or cannot be assumed
    at destroyStack (/Users/t/.nvm/versions/node/v16.4.2/lib/node_modules/aws-cdk/lib/api/deploy-stack.ts:669:11)
    at processTicksAndRejections (node:internal/process/task_queues:96:5)
    at CdkToolkit.destroy (/Users/t/.nvm/versions/node/v16.4.2/lib/node_modules/aws-cdk/lib/cdk-toolkit.ts:534:9)
    at initCommandLine (/Users/t/.nvm/versions/node/v16.4.2/lib/node_modules/aws-cdk/lib/cli.ts:374:12)

Role arn:aws:iam::59763*******:role/cdk-hnbxxxxs-cfn-exec-role-5976*****-ap-south-1 is invalid or cannot be assumed

and something similar is showing on UI as well. Just masked few IDs and username but rest all format is same.

please guide me as how can I delete this stack. I was just using this as my first project to learn CDK

Expected Behavior

When we type cdk destroy it should destroy all stacks but it is not destroying.

Current Behavior

CDK stack is not destroyed!!

Reproduction Steps

I followed steps on this https://cdkworkshop.com/20-typescript/60-cleanups.html and got error.

Possible Solution

No response

Additional Information/Context

I followed all steps from this https://cdkworkshop.com/20-typescript/60-cleanups.html

CDK CLI Version

2.54.0 (build 9f41881)

Section

No response

Browser

all

Language

Typescript | Javascript

Answer 1 · 2022-12-20T06:05:32.000Z

@tarunhere can you check if you are using the correct access key while you are performing delete, sort of feel that the cli is not having right privileges if you use different profiles current credentials could not be used to assume
``

Answer 2 · 2022-12-20T08:55:42.000Z

@tarunhere as discussed, it seems the role cdk execution role was deleted when you deleted the bootstrap stack, and you are not able to successfully bootstrap once after since there is an orphan bootstrap bucket unnoticed. Once the bucket is deleted, you could bootstrap again to get the cdk execution role created and then cdk destroy can clean your stacks as usual

Answer 3 · 2022-12-21T16:08:58.000Z

Thanks for the support. It is fixed now

Answer 4 · 2022-12-21T16:09:25.000Z

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.