PaloAltoNetworks / aws-transit-vpc

automated AWS transit vpc

Stack PaGroup58 already exists #41

Open Schizamp opened 6 years ago

Schizamp commented 6 years ago

Am building a second transitVPC in the same account. Watching the progress through CloudWatch Logs and the State machine step function. It fails here, when trying to create the stack. There is supposed to be a Check state lambda that executes immediately after but it does not.

Why is PaGroup58 the first one to be built? Can it be just a random number or full concatenated date and time (i.e. 20180822163045)?

An error occurred (AlreadyExistsException) when calling the CreateStack operation: Stack [PaGroup58] already exists: AlreadyExistsException
Traceback (most recent call last):
  File "/var/task/createNewPaGroupLambda.py", line 48, in lambda_handler
    response = pan_vpn_generic.createNewPaGroup(region, result['PaGroupName'],config['PaGroupTemplateUrl'],result['PaGroupName'],config['SshKeyName'],config['TransitVpcMgmtAz1SubnetId'],config['TransitVpcMgmtAz2SubnetId'],config['TransitVpcDmzAz1SubnetId'],config['TransitVpcDmzAz2SubnetId'],config['TransitVpcTrustedSecurityGroupId'],config['TransitVpcUntrustedSecurityGroupId'],config['PaGroupInstanceProfileName'],config['PaBootstrapBucketName'], str(result['N1Asn']), str(result['N2Asn']), config['TransitVpcDmzAz1SubnetGateway'], config['TransitVpcDmzAz2SubnetGateway'])
  File "/var/task/pan_vpn_generic.py", line 552, in createNewPaGroup
    OnFailure = 'ROLLBACK'
  File "/var/runtime/botocore/client.py", line 314, in _api_call
    return self._make_api_call(operation_name, kwargs)
  File "/var/runtime/botocore/client.py", line 612, in _make_api_call
    raise error_class(parsed_response, operation_name)
botocore.errorfactory.AlreadyExistsException: An error occurred (AlreadyExistsException) when calling the CreateStack operation: Stack [PaGroup58] already exists

narayan-iyengar commented 6 years ago

Two transits in the same VPC are not supported...

Schizamp commented 6 years ago

Am going to leave this one open as an issue. All of the other components -- the lambdas, SNS topics, queues, Step function, etc. -- have the stack name appended to the end, making them unique. The PaGroup number seems to be the only thing not unique. Could easily be fixed by appending a random number or the datetime stamp instead of "58".
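The naming scheme suggested in this thread, as an added example that is not code from the aws-transit-vpc project or from any commenter: it scopes the PaGroup stack name to the parent deployment, appends a UTC timestamp, and checks the result against names already in use before CreateStack would be called. The function name, the `parent_stack` argument and the sample names are assumptions, and the example does not make a second transit in one account a supported configuration.

```python
import re
from datetime import datetime, timezone

# CloudFormation stack names must start with a letter, contain only
# letters, digits and hyphens, and be at most 128 characters long.
_STACK_NAME_RE = re.compile(r"^[A-Za-z][A-Za-z0-9-]{0,127}$")


def pagroup_stack_name(parent_stack, existing_names, now=None, prefix="PaGroup"):
    """Return a PaGroup stack name that is absent from existing_names.

    parent_stack   -- name of the transit deployment's own stack (hypothetical input)
    existing_names -- stack names already present in the account and region,
                      for example collected before calling CreateStack
    """
    now = now or datetime.now(timezone.utc)
    stamp = now.strftime("%Y%m%d%H%M%S")  # same shape as 20180822163045
    # Replace characters that CloudFormation rejects in the parent name.
    scope = re.sub(r"[^A-Za-z0-9-]", "-", parent_stack).strip("-")
    # Leave room for the prefix, timestamp, two separators and a "-NNN" counter.
    budget = 128 - len(prefix) - len(stamp) - 2 - 4
    parts = [prefix, scope[:budget], stamp] if scope else [prefix, stamp]
    base = "-".join(parts)

    taken = set(existing_names)
    candidate, attempt = base, 0
    while candidate in taken:
        # Two groups created within the same second: add a counter.
        attempt += 1
        if attempt > 999:
            raise RuntimeError("no free stack name for base %r" % base)
        candidate = "%s-%d" % (base, attempt)

    if not _STACK_NAME_RE.match(candidate):
        raise ValueError("not a valid CloudFormation stack name: %r" % candidate)
    return candidate


if __name__ == "__main__":
    # Constructed sample: the first deployment already owns PaGroup58.
    in_use = {"PaGroup58", "transit-a"}
    print(pagroup_stack_name("transit-b", in_use))
```

A name check before CreateStack narrows the collision window but does not close it, so the caller should still catch `AlreadyExistsException` and retry with a fresh name.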