Discovery process is scanning resources in 3 region(s)

[mrlsdevops]

Hello Team,

I was able to deploy the stack successfully and I am not getting resources loaded and it's saying "Discovery process is scanning resources in 3 region(s)"

Here is the snap:

Any thoughts and comments?

Notes:

I have customized the Network portion and seamlessly deployed the stack and all nested stacks created successfully. I was able to access via cloud front distribution as well.

[svozza]

It's almost certainly this issue: https://github.com/awslabs/aws-perspective/issues/98.

[svozza]

Is the image definitely in ECR now? You may need to update the ECS task definition in the console to use the newly built image.

[mrlsdevops]

Yes. Latest image already pushed to ECR. Okay, Let me update the ECS task definition to use latest one.

[svozza]

Are there any logs in the ECS task? Also, if you check AWS Config, is the aggregator collecting resources?

[svozza]

Interesting. Are there any errors in the GremlinFunction lambda function logs? In particular something like this:

Execution failed: 6294149 byte payload is too large for the RequestResponse invocation type (limit 6291456 bytes)

[svozza]

Hi there, apologies for the delay, I was on personal leave over Easter. When you say you updated the permissions, what did you do?

[mrlsdevops]

No worries Stefan I. Hope you had grate weekend. So, when I deployed solution, it created all necessary IAM Roles. So we had permission boundary setup for any new role creation meaning that, it will by default attach permission boundary. That permission boundary doesn’t have access to Neptune. I have updated permission boundary with Neptune access and error exceptions went away. I no longer see any error in both gremlinfunction lambda and WebUI. However I still don’t see any resources.

On Wed, Apr 7, 2021 at 5:25 AM Stefano Vozza @.***> wrote:

Hi there, apologies for the delay, I was on personal leave over Easter. When you say you updated the permissions, what did you do?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/awslabs/aws-perspective/issues/128#issuecomment-814760841, or unsubscribe https://github.com/notifications/unsubscribe-auth/AJOSZATTRWK2KZVQBW6EWBTTHQQHTANCNFSM4Z2QZH2Q .

[svozza]

OK, this is interesting, I'm wondering if those Config errors above could be caused by something similar? Or could this permission boundary affect the role that you installed in the accounts you imported (the CloudFormation Perspective returns when you import an account creates two roles).

[mrlsdevops]

Yay.. I was able to figure it out bottle neck and fixed it. Now I am able see all resources and relation between them. It’s a pretty cool tool. I really like it. 😀

On Thu, Apr 8, 2021 at 4:20 AM Stefano Vozza @.***> wrote:

OK, this is interesting, I'm wondering if those Config errors above could be caused by something similar? Or could this permission boundary affect the role that you installed in the accounts you imported (the CloudFormation Perspective returns when you import an account creates two roles).

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/awslabs/aws-perspective/issues/128#issuecomment-815558842, or unsubscribe https://github.com/notifications/unsubscribe-auth/AJOSZASRZVOO2U2IAAILQN3THVRNHANCNFSM4Z2QZH2Q .

[svozza]

Oh that's great news! Glad we got to the bottom of it. :)

[mrlsdevops]

Hi svozza,

when I click draw.io, I am getting redirected to new tab and displaying with this message "error: Network Error"

I am just wondering, did I miss anything? Please advise..

[svozza]

Are there any errors in the browser console?

[svozza]

Closing due to inactivity