AWS Fargate template fails with prisma v1.16+

[dashcraft]

Error

You receive a error during the iam role creation of 400, cannot create iam role for ecs.

Steps to recreate

Go through the tutorial @ https://www.prisma.io/docs/1.8/tutorials/deploy-prisma-servers/aws-fargate-joofei3ahd#2.-deploying-a-prisma-server-to-fargate

There is currently no documentation updates for this deployment for versions past v1.8

Possible Solutions

Update the fargate.yml file to correctly associate iam roles via security group or Make note on the fargate yml file or prisma template readme on what version the template no longer works. As of right now, it only mentiones version 1.6 as being the earliest acceptable version. 1.19 is listed as an acceptable version option inside of the fargate template.

[giladaya]

@dashcraft did you mange to solve this? Struggling with the same problem, using Prisma 1.25 Tried following this guide but it didn't help: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service_IAM_role.html

[dashcraft]

@dashcraft did you mange to solve this? Struggling with the same problem, using Prisma 1.25 Tried following this guide but it didn't help: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service_IAM_role.html

I used Prisma version 1.12 inside of aws fargate and it worked. I tried all Prisma versions between 1.8 and 1.19, back in september, inside of aws fargate, that was the latest version that worked. I don't know if things have changed, that's just what worked for me.

[giladaya]

I tried lowering the Prisma version but that didn't help.
Eventually I tried creating the stack with the account root user which did the trick. I suspect it was some issue on AWS's side not being able to create the required IAM role for the account.

[dan003400]

Has anyone got the latest version deployed and running yet?

[tonyfromundefined]

Have you run

$ aws iam create-service-linked-role --aws-service-name ecs.amazonaws.com

in aws-cli?