aws-solutions / aws-waf-security-automations

This solution automatically deploys a single web access control list (web ACL) with a set of AWS WAF rules designed to filter common web-based attacks.
https://aws.amazon.com/solutions/aws-waf-security-automations
Apache License 2.0

Error while deleting WAF Regional Cloudformation Stack #97

Closed manali14 closed 4 years ago

manali14 commented 4 years ago

While destroying the CloudFormation stack, it's failing to destroy the nested stack with the below error:

2019-10-14 15:22:19 UTC+0530 DELETE_FAILED The following resource(s) failed to delete: [WAFReputationListsSet].
2019-10-14 15:22:19 UTC+0530 WAFReputationListsSet DELETE_FAILED Operation would result in exceeding resource limits. (Service: AWSWAFRegional; Status Code: 400; Error Code: WAFLimitsExceededException; Request ID: f711fe2d-9777-4255-ab48-f475635a6368)

We solved it manually by deleting IP Addresses from WAF Console.

pedros007 commented 4 years ago

I had the same problem with v2.3.0 of the stack https://github.com/awslabs/aws-waf-security-automations/issues/14#issuecomment-500502542 . Seems like #14 shouldn't be closed.

tomnight commented 4 years ago

Thanks for the feedback. This was fixed in v2.1; we will look at the code changes in 2.3 and get this fixed.

stijnvanrenterghem commented 4 years ago

Any update?

morufajibike commented 4 years ago

The same problem was experienced with 'aws-waf-security-automations/v2.3.2'. Got around it as @manali14 suggested.

rakshb commented 4 years ago

Hello. Thanks for reporting the issue. Our recommendation is to always delete the root stack (primary stack) to delete all nested stacks and related resources. If you delete the nested stacks directly, since the root stack is using some of the resources, these resources will not get deleted. Let us know if you still face any issues, and also share the configuration you used (version used, input parameters selected).
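
The manual workaround reported in this thread (removing the IP addresses from the WAF IP set before deleting the stack), scripted as an added example; it is not part of the thread or of the solution's own code. It assumes boto3's `waf-regional` client, an IP set ID passed on the command line, and a batch size of 1000 deletes per request, which is an assumption to adjust if the API rejects a batch.

```python
"""Empty a WAF Regional (Classic) IP set in batches before deleting the stack."""
import sys

# Assumed cap on updates per UpdateIPSet request; lower it if a batch is rejected.
BATCH_SIZE = 1000


def build_delete_batches(descriptors, batch_size=BATCH_SIZE):
    """Turn IPSetDescriptors into lists of DELETE updates, at most batch_size each."""
    updates = [
        {"Action": "DELETE",
         "IPSetDescriptor": {"Type": d["Type"], "Value": d["Value"]}}
        for d in descriptors
    ]
    return [updates[i:i + batch_size] for i in range(0, len(updates), batch_size)]


def empty_ip_set(client, ip_set_id, batch_size=BATCH_SIZE):
    """Remove every address from the IP set; returns how many were removed."""
    ip_set = client.get_ip_set(IPSetId=ip_set_id)["IPSet"]
    removed = 0
    for batch in build_delete_batches(ip_set["IPSetDescriptors"], batch_size):
        # WAF Classic requires a fresh change token for each change request.
        token = client.get_change_token()["ChangeToken"]
        client.update_ip_set(IPSetId=ip_set_id, ChangeToken=token, Updates=batch)
        removed += len(batch)
    return removed


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: empty_ip_set.py <ip-set-id>")
    import boto3  # imported here so the helpers above can be tested offline
    count = empty_ip_set(boto3.client("waf-regional"), sys.argv[1])
    print(f"removed {count} addresses from IP set {sys.argv[1]}")
```
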