aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0

aws-elasticloadbalancingv2: Resource of type 'AWS::ElasticLoadBalancingV2::Listener' with identifier 'Idempotency Check Failed' already exists. #13157

Closed ashishchandr70 closed 3 years ago

ashishchandr70 commented 3 years ago

:question: General Issue

The Question

We are trying to run our cloudformation template to modify our environment but keep getting this error:

Resource of type 'AWS::ElasticLoadBalancingV2::Listener' with identifier 'Idempotency Check Failed' already exists.

Environment

Other information

Here is the load balancer related code:

import * as elb from '@aws-cdk/aws-elasticloadbalancingv2';

const loadBalancer = new elb.ApplicationLoadBalancer(this, 'Alb', {
    vpc: props.vpc,
    internetFacing: true
});

const listener = loadBalancer.addListener(`PublicListener`, {
    protocol: elb.ApplicationProtocol.HTTPS,
    port: 443,
    open: true,
    defaultAction: elb.ListenerAction.fixedResponse(200, {
        contentType: 'text/html',
        messageBody: `<html><head><title>Load Balancer</title></head><body>${this.namespace}</body></html>`
    })
});

listener.addCertificates('Arns', [elb.ListenerCertificate.fromCertificateManager(props.certificate)]);

loadBalancer.addListener('PublicRedirectListener', {
    protocol: elb.ApplicationProtocol.HTTP,
    port: 80,
    open: true,
    defaultAction: elb.ListenerAction.redirect({
        port: '443',
        protocol: elb.ApplicationProtocol.HTTPS,
        permanent: true,
    })
});

Here is the actual error from CloudFormation:

image

The listener in question (HTTPS listener) already exists so CloudFormation should just keep going as we are just updating some other resources.

Here is a picture of the listener that already exists:

image

ashishchandr70 commented 3 years ago

Hi - any indicative timeline on this issue? We are having to comment out this portion, run the cloudformation template, uncomment and then run again, in order to get our resources to get deployed.

bukharov commented 3 years ago

I have the same issue. Any tips or workarounds?

bukharov commented 3 years ago

I figured it out. I had two listeners on a balancer on the same port.

ryanotella commented 3 years ago

Looks like changing something like the name on a Listener requires an explicit two-stage process - destroy + create?

MostafaBalata commented 3 years ago

It seems like you are trying to deploy a new listener with a different name with an already used port.

peterwoodworth commented 3 years ago

@ashishchandr70 can you confirm if the above is the case? I've been unable to reproduce this

peterwoodworth commented 3 years ago

I was able to reproduce this issue. According to CloudFormation, if the ARN of the Listener is updated (this would happen if you change the id) then a replacement of the resource will need to happen. When CloudFormation replaces a resource, it will first create the replacement resource then delete the old resource. This will cause a failure during deployment because it will try to create a Listener with a port that's already being used by the listener (despite the fact that the listener already using the port would be about to be deleted).

To fix this, you'll want to either adjust your code so that CFN doesn't think it needs to recreate your resource, or if you want to keep your configuration the way it currently is, I'm not sure what the best way to solve this would be. If deleting just the listener doesn't cause any issues that could potentially work. If you figure a way out of this situation let me know, and if you need additional help or guidance, feel free to ping me 😄
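
The create-before-delete collision described in the comment above can be checked for before deploying. The following is an added example, not code from the thread or from the CDK project: it compares two CloudFormation templates and flags a listener whose load balancer and port are unchanged but whose logical ID differs, as well as two listeners sharing a port within one template. The function names and both sample templates are constructed for illustration.

```typescript
// Added example, not from the thread. Names and sample templates are constructed.
type Resource = { Type: string; Properties?: { [k: string]: unknown } };
type Template = { Resources: { [logicalId: string]: Resource } };
type Entry = { id: string; port: number };
type Finding = { kind: 'renamed' | 'duplicate'; port: number; existingId: string; newId: string };

const LISTENER = 'AWS::ElasticLoadBalancingV2::Listener';

// Index listeners by (load balancer, port). JSON.stringify makes { Ref: ... }
// and literal ARNs comparable without resolving intrinsic functions.
function indexListeners(t: Template, findings: Finding[]): { [key: string]: Entry } {
  const byKey: { [key: string]: Entry } = {};
  for (const id of Object.keys(t.Resources)) {
    const res = t.Resources[id];
    if (!res || res.Type !== LISTENER || !res.Properties) continue;
    const port = Number(res.Properties['Port']);
    const key = JSON.stringify(res.Properties['LoadBalancerArn']) + '|' + port;
    const seen: Entry | undefined = byKey[key];
    // Two listeners in one template on the same port cannot both be created.
    if (seen !== undefined) findings.push({ kind: 'duplicate', port, existingId: seen.id, newId: id });
    else byKey[key] = { id, port };
  }
  return byKey;
}

function findListenerCollisions(deployed: Template, next: Template): Finding[] {
  const findings: Finding[] = [];
  const before = indexListeners(deployed, []);
  const after = indexListeners(next, findings);
  for (const key of Object.keys(after)) {
    const old: Entry | undefined = before[key];
    const cur: Entry | undefined = after[key];
    // Same load balancer and port under a new logical ID means replacement:
    // the new listener is created while the old one still holds the port.
    if (old !== undefined && cur !== undefined && old.id !== cur.id) {
      findings.push({ kind: 'renamed', port: old.port, existingId: old.id, newId: cur.id });
    }
  }
  return findings;
}

// Constructed samples: the HTTPS listener keeps port 443 but its logical ID changes.
const deployedSample: Template = { Resources: {
  Alb: { Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer' },
  PublicListenerA: { Type: LISTENER, Properties: { LoadBalancerArn: { Ref: 'Alb' }, Port: 443 } },
} };
const nextSample: Template = { Resources: {
  Alb: { Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer' },
  HttpsListenerB: { Type: LISTENER, Properties: { LoadBalancerArn: { Ref: 'Alb' }, Port: 443 } },
  RedirectListenerC: { Type: LISTENER, Properties: { LoadBalancerArn: { Ref: 'Alb' }, Port: 80 } },
} };
```

A `renamed` finding means the deployment would hit the error from this issue unless the old listener is removed first or the logical ID is kept stable.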


chungllai2 commented 2 years ago

I am using Elastic Beanstalk and having the same error.

TLDR: If you create the ALB manually, don't try to update the config with a CloudFormation file.

@peterwoodworth is right. In my case, I created the load balancer MANUALLY in the Elastic Beanstalk management console.

When I updated it with a .ebextensions/alb-http-to-https-redirection-full.config, it prompted this error.

AmebaBrain commented 1 year ago

Can confirm the same behavior. Explanation from @peterwoodworth is correct.

I was re-creating a listener in the template, moving it from an in-place resource to a nested stack. CF told me that changing the resource type from AWS::ElasticLoadBalancingV2::Listener to AWS::CloudFormation::Stack is forbidden. Then I changed the name (logical ID) of the resource with the intention of causing the old listener to be dropped and a new one to be created via the nested stack. And got this error.

After manually removing the corresponding listener from the actual ALB, the new listener was created successfully.

shearn89 commented 1 year ago

I also had this problem - turned out I'd renamed an AWS::ElasticLoadBalancingV2::ListenerRule Resource in my template, and the renaming caused it to throw this error. Bit cryptic!

badfun commented 1 year ago

In my case it is because I had decided to use the addRedirect() convenience method after I had already deployed the stack previously using a listener. It amounts to the same thing, but conflicted with the existing bit. I removed it, deployed, added it back in, deployed again. All good.

shivam-anand-s1 commented 1 year ago

CloudFormation with LoadBalancers is extremely painful. You can't ever change names or Resource names. Also, with Listeners it always fails because it first tries to create the listener before it deletes the old one. The complete ecosystem is buggy. AWS is reluctant to fix these things for years.