cyberark-aws-auto-onboarding
cyberark-aws-auto-onboarding copied to clipboard
Published
20 hours ago •
cyberark
cyberark
What is the time to deploy on the Lambda with no NAT Gateway needed?
I'm deploying this AWS Lambda and it keeps stalling at the same point.
This is as far as I can get before it just stops... no errors or failure... just stops.
| Date | Status | Type | Logical ID | Status Reason |
|---|---|---|---|---|
| 14:25:57 UTC-0400 | CREATE_COMPLETE | AWS::DynamoDB::Table | DynamoDBTableInstances | |
| 14:25:54 UTC-0400 | CREATE_IN_PROGRESS | AWS::CloudFormation::CustomResource | CreateSafe | |
| 14:25:52 UTC-0400 | CREATE_COMPLETE | AWS::Lambda::Function | ElasticityLambda | |
| 14:25:52 UTC-0400 | CREATE_IN_PROGRESS | AWS::Lambda::Function | ElasticityLambda | Resource creation Initiated |
| 14:25:51 UTC-0400 | CREATE_COMPLETE | AWS::Lambda::Function | SafeHandlerLambda | |
| 14:25:51 UTC-0400 | CREATE_IN_PROGRESS | AWS::Lambda::Function | SafeHandlerLambda | Resource creation Initiated |
| 14:25:50 UTC-0400 | CREATE_IN_PROGRESS | AWS::Lambda::Function | SafeHandlerLambda | |
| 14:25:50 UTC-0400 | CREATE_IN_PROGRESS | AWS::Lambda::Function | ElasticityLambda | |
| 14:25:47 UTC-0400 | CREATE_COMPLETE | AWS::IAM::Policy | LambdaS3BucketPolicy | |
| 14:25:47 UTC-0400 | CREATE_COMPLETE | AWS::IAM::Role | ElasticityLambdaRole | |
| 14:25:46 UTC-0400 | CREATE_COMPLETE | AWS::IAM::Role | SafeHandlerLambdaRole | |
| 14:25:43 UTC-0400 | CREATE_COMPLETE | AWS::Lambda::Function | TrustMechanismLambda | |
| 14:25:43 UTC-0400 | CREATE_IN_PROGRESS | AWS::Lambda::Function | TrustMechanismLambda | Resource creation Initiated |
| 14:25:42 UTC-0400 | CREATE_IN_PROGRESS | AWS::IAM::Policy | LambdaS3BucketPolicy | Resource creation Initiated |
| 14:25:41 UTC-0400 | CREATE_IN_PROGRESS | AWS::Lambda::Function | TrustMechanismLambda | |
| 14:25:41 UTC-0400 | CREATE_IN_PROGRESS | AWS::IAM::Policy | LambdaS3BucketPolicy | |
| 14:25:38 UTC-0400 | CREATE_COMPLETE | AWS::IAM::Role | LambdaS3BucketRole | |
| 14:25:38 UTC-0400 | CREATE_COMPLETE | AWS::IAM::Role | TrustMechanismLambdaRole | |
| 14:25:36 UTC-0400 | CREATE_COMPLETE | AWS::EC2::SecurityGroupIngress | SecurityGroupPVWAIngress | |
| 14:25:36 UTC-0400 | CREATE_IN_PROGRESS | AWS::EC2::SecurityGroupIngress | SecurityGroupPVWAIngress | Resource creation Initiated |
| 14:25:35 UTC-0400 | CREATE_IN_PROGRESS | AWS::IAM::Role | ElasticityLambdaRole | Resource creation Initiated |
| 14:25:35 UTC-0400 | CREATE_COMPLETE | AWS::EC2::SecurityGroupEgress | EgressAccessHTTPS | |
| 14:25:35 UTC-0400 | CREATE_IN_PROGRESS | AWS::IAM::Role | ElasticityLambdaRole | |
| 14:25:35 UTC-0400 | CREATE_IN_PROGRESS | AWS::IAM::Role | SafeHandlerLambdaRole | Resource creation Initiated |
| 14:25:34 UTC-0400 | CREATE_IN_PROGRESS | AWS::IAM::Role | SafeHandlerLambdaRole | |
| 14:25:34 UTC-0400 | CREATE_IN_PROGRESS | AWS::EC2::SecurityGroupEgress | EgressAccessHTTPS | Resource creation Initiated |
| 14:25:34 UTC-0400 | CREATE_IN_PROGRESS | AWS::EC2::SecurityGroupIngress | SecurityGroupPVWAIngress | |
| 14:25:33 UTC-0400 | CREATE_IN_PROGRESS | AWS::EC2::SecurityGroupEgress | EgressAccessHTTPS | |
| 14:25:32 UTC-0400 | CREATE_COMPLETE | AWS::SSM::Parameter | ParameterPVWA | |
| 14:25:32 UTC-0400 | CREATE_COMPLETE | AWS::IAM::ManagedPolicy | ElasticityLambdaPolicy | |
| 14:25:32 UTC-0400 | CREATE_IN_PROGRESS | AWS::SSM::Parameter | ParameterPVWA | Resource creation Initiated |
| 14:25:32 UTC-0400 | CREATE_COMPLETE | AWS::IAM::ManagedPolicy | SafehandlingLambdaPolicy | |
| 14:25:31 UTC-0400 | CREATE_COMPLETE | AWS::EC2::SecurityGroup | ElasticityLambdaSecurityGroup | |
| 14:25:31 UTC-0400 | CREATE_COMPLETE | AWS::EC2::SecurityGroup | TrustMechanismSecurityGroup | |
| 14:25:30 UTC-0400 | CREATE_IN_PROGRESS | AWS::EC2::SecurityGroup | TrustMechanismSecurityGroup | Resource creation Initiated |
| 14:25:30 UTC-0400 | CREATE_IN_PROGRESS | AWS::EC2::SecurityGroup | ElasticityLambdaSecurityGroup | Resource creation Initiated |
| 14:25:30 UTC-0400 | CREATE_IN_PROGRESS | AWS::SSM::Parameter | ParameterPVWA | |
| 14:25:29 UTC-0400 | CREATE_COMPLETE | AWS::SSM::Parameter | ParameterUsername | |
| 14:25:29 UTC-0400 | CREATE_IN_PROGRESS | AWS::SSM::Parameter | ParameterUsername | Resource creation Initiated |
| 14:25:28 UTC-0400 | CREATE_COMPLETE | AWS::SSM::Parameter | ParameterWindowsAccountsSafe | |
| 14:25:28 UTC-0400 | CREATE_COMPLETE | AWS::SSM::Parameter | ParameterAWSKeyPairSafe | |
| 14:25:28 UTC-0400 | CREATE_COMPLETE | AWS::SSM::Parameter | ParameterUnixAccountsSafe | |
| 14:25:28 UTC-0400 | CREATE_IN_PROGRESS | AWS::SSM::Parameter | ParameterAWSKeyPairSafe | Resource creation Initiated |
| 14:25:28 UTC-0400 | CREATE_IN_PROGRESS | AWS::SSM::Parameter | ParameterWindowsAccountsSafe | Resource creation Initiated |
| 14:25:28 UTC-0400 | CREATE_IN_PROGRESS | AWS::SSM::Parameter | ParameterUnixAccountsSafe | Resource creation Initiated |
| 14:25:27 UTC-0400 | CREATE_IN_PROGRESS | AWS::IAM::ManagedPolicy | ElasticityLambdaPolicy | Resource creation Initiated |
| 14:25:27 UTC-0400 | CREATE_IN_PROGRESS | AWS::IAM::ManagedPolicy | ElasticityLambdaPolicy | |
| 14:25:27 UTC-0400 | CREATE_IN_PROGRESS | AWS::IAM::Role | LambdaS3BucketRole | Resource creation Initiated |
| 14:25:27 UTC-0400 | CREATE_IN_PROGRESS | AWS::IAM::ManagedPolicy | SafehandlingLambdaPolicy | Resource creation Initiated |
| 14:25:26 UTC-0400 | CREATE_IN_PROGRESS | AWS::DynamoDB::Table | DynamoDBTableInstances | Resource creation Initiated |
| 14:25:26 UTC-0400 | CREATE_IN_PROGRESS | AWS::IAM::Role | LambdaS3BucketRole | |
| 14:25:26 UTC-0400 | CREATE_IN_PROGRESS | AWS::IAM::ManagedPolicy | SafehandlingLambdaPolicy | |
| 14:25:26 UTC-0400 | CREATE_IN_PROGRESS | AWS::SSM::Parameter | ParameterUnixAccountsSafe | |
| 14:25:26 UTC-0400 | CREATE_IN_PROGRESS | AWS::IAM::Role | TrustMechanismLambdaRole | Resource creation Initiated |
| 14:25:26 UTC-0400 | CREATE_IN_PROGRESS | AWS::SSM::Parameter | ParameterWindowsAccountsSafe | |
| 14:25:26 UTC-0400 | CREATE_IN_PROGRESS | AWS::DynamoDB::Table | DynamoDBTableInstances | |
| 14:25:26 UTC-0400 | CREATE_IN_PROGRESS | AWS::SSM::Parameter | ParameterUsername | |
| 14:25:26 UTC-0400 | CREATE_IN_PROGRESS | AWS::SSM::Parameter | ParameterAWSKeyPairSafe | |
| 14:25:26 UTC-0400 | CREATE_IN_PROGRESS | AWS::IAM::Role | TrustMechanismLambdaRole | |
| 14:25:26 UTC-0400 | CREATE_IN_PROGRESS | AWS::EC2::SecurityGroup | TrustMechanismSecurityGroup | |
| 14:25:25 UTC-0400 | CREATE_IN_PROGRESS | AWS::EC2::SecurityGroup | ElasticityLambdaSecurityGroup | |
| 14:25:16 UTC-0400 | CREATE_IN_PROGRESS | AWS::CloudFormation::Stack | cybr-lambda-deploy-3 | User Initiated |
Finally received a failure -- here it is. Confirmed the VPC can communicate with PVWA and the Security Group being used has ALL TRAFFIC open outbound.
15:26:21 UTC-0400 | CREATE_FAILED | AWS::CloudFormation::CustomResource | CreateSafe | Custom Resource failed to stabilize in expected time
The resolution was that NAT Gateway was required. There is no way around this I could find.