Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

aws-batch compute-environment builds spot fleet role arn incorrectly #6706

Closed
damonmaria opened this issue Mar 12, 2020 · 3 comments · Fixed by #8325
Closed

aws-batch compute-environment builds spot fleet role arn incorrectly #6706

damonmaria opened this issue Mar 12, 2020 · 3 comments · Fixed by #8325
Assignees
@iliapolo
Labels
@aws-cdk/aws-batch Related to AWS Batch bug This issue is a bug. in-progress This issue is being actively worked on. p1

Comments

@damonmaria
Copy link

damonmaria commented Mar 12, 2020
edited
Loading

getSpotFleetRole in compute-environment.js in aws-batch builds the arn like so:

                return iam.Role.fromRoleArn(this, 'Resource-SpotFleet-Role', `arn${core_1.Aws.PARTITION}iam::${this.stack.account}:role/aws-service-role/spotfleet.amazonaws.com/AWSServiceRoleForEC2SpotFleet`);

It's missing : around the partition so he resulting arn looks like:

arnawsiam::XXXXXXXX:role/aws-service-role/spotfleet.amazonaws.com/AWSServiceRoleForEC2SpotFleet

Reproduction Steps

new batch.ComputeEnvironment(this, 'test', {
  computeResources: {
    desiredvCpus: 0,
    instanceTypes: [instanceType],
    type: ComputeResourceType.SPOT,
    vpc,
  },
  managed: false,
})

Error Log

CLIENT_ERROR - Parameter: SpotFleetRequestConfig.IamFleetRole is invalid.

Environment

  • CLI Version : 1.26.0
  • Framework Version: 1.26.0
  • OS : MacOS 10.15.3
  • Language : Typescript

This is 🐛 Bug Report
@damonmaria damonmaria added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Mar 12, 2020
@SomayaB SomayaB added the @aws-cdk/aws-batch Related to AWS Batch label Mar 12, 2020
@damonmaria
Copy link
Author

Even after fixing the role that role does not exist. So I'm not sure if fixing this just uncovers another bug.

@iliapolo
Copy link
Contributor

Hi @damonmaria - Thanks for reporting this!

It indeed looks like a bug with missing : around the partition.

Can you tell me please where exactly are you seeing this error though?

CLIENT_ERROR - Parameter: SpotFleetRequestConfig.IamFleetRole is invalid.

Is it on stack creation time? job submission?

Also, you mentioned:

Even after fixing the role that role does not exist. So I'm not sure if fixing this just uncovers another bug.

The AWSServiceRoleForEC2SpotFleet role is not created as part of the ComputeEnvironment - it is assumed to exist. Its best to create it once using these instructions.

I'm acknowledging the : bug and prioritizing it.

Note that we have just release version 1.28.0 which contains many fixes and changes (though unrelated to this issue) to the batch library. I suggest you upgrade :)

Thanks!

@iliapolo iliapolo added p1 needs-triage This issue or PR still needs to be triaged. and removed needs-triage This issue or PR still needs to be triaged. labels Mar 16, 2020
@damonmaria
Copy link
Author

@iliapolo

Can you tell me please where exactly are you seeing this error though?

Sometime after the batch job is submitted the compute environment will go INVALID with this error. You can also see it in CloudTrail.

Note that we have just release version 1.28.0 which contains many fixes and changes

Thanks!

@SomayaB SomayaB removed the needs-triage This issue or PR still needs to be triaged. label May 19, 2020
@cmckni3 cmckni3 mentioned this issue Jun 2, 2020
Merged
@SomayaB SomayaB added the in-progress This issue is being actively worked on. label Jun 2, 2020
@mergify mergify bot closed this as completed in #8325 Jun 30, 2020
mergify bot pushed a commit that referenced this issue Jun 30, 2020
@cmckni3
fix(batch): Invalid spot fleet service role (#8325)
034bc35 
Generated role arn invalid due to missing colons (e.g. arnawsiam)

Closes #6706


----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
@damonmaria damonmaria mentioned this issue Jul 15, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@iliapolo iliapolo

Labels
@aws-cdk/aws-batch Related to AWS Batch bug This issue is a bug. in-progress This issue is being actively worked on. p1
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(batch): Invalid spot fleet service role
3 participants
@iliapolo @damonmaria @SomayaB