search

sigdba / sig-shared-sceptre

Shared templates for Sceptre/CloudFormation
2 stars 0 forks source link

Error creating network load balancer #92

Open dboitnot opened 1 year ago

dboitnot commented 1 year ago 
"An error occurred (ValidationError) when calling the CreateStack operation: Template format error: Unresolved resource dependencies [DefaultSecurityGroup] in the Resources block of the template"

This is because an ingress rule was created with a reference to an SG that isn't included in the template because NLBs don't have SGs.

    IngressTO1521FORxulaDASHprodDASHserverDASHdb1DASHInstanceSg:
      Properties:
        Description:
          Ref: AWS::StackName
        FromPort: 1521
        GroupId:
          Fn::ImportValue: xula-prod-server-db1-InstanceSg
        IpProtocol: tcp
        SourceSecurityGroupId:
          Ref: DefaultSecurityGroup
        ToPort: 1521
      Type: AWS::EC2::SecurityGroupIngress

This is an ingress rule being created on the target server's security group. This is a user error. There should not be a *_sg key on the target model for NLBs. Add a validator to explain this.