How do I address a stack removal error that is preventing me from redeploying Agentless Vulnerability & Threat Detection?
Correct missing permission issues that could prevent Agentless Vulnerability & Threat Detection redeployment.
Previous versions of the Agentless Vulnerability & Threat Detection AWS template had
a missing permission issue that caused stack removal failures, leaving StackSets in
your AWS environment that could block redeployment. If you encounter the issue, you
need to manually remove the problematic stack from AWS CloudFormation.
- In AWS CloudFormation, go to.
- Select the StackSet you want to remove.
- From the Actions list, select Delete stacks from StackSet.
- On the Set deployment options page, copy the AWS account number and add the number to Account numbers.
- In the Specify regions area, click Add all regions.
- In the Deployment options area, enable Retain stacks.
- Click Next.
- On the Review page, click Submit.
  Clicking Submit deletes the stacks from the StackSet.
- Go back to the Actions list and click Delete StackSet.
  The StackSet is now deleted.
- To remove any problematic stacks in CloudFormation that failed to delete, select each stack you want to remove and click Retry Delete.
How do I remove residual AWS log groups and Lambda functions blocking Agentless Vulnerability & Threat Detection redeployment?
Learn to solve a common error that could prevent you from updating or redeploying Agentless Vulnerability & Threat Detection.
Agentless Vulnerability & Threat Detection may require occasional updates or redeployment
after stack removal. After updating or removing the stack, residual log groups or
Lambda functions might remain in your AWS account. Residual resources can block the
creation of new required log groups during redeployment.
If you encounter errors during stack deployment or update, such as:
The following resources failed to create: [GenerateSentryAPITokenLog, ReplicateSentryAPITokenLog, FilterUnsupportedRegionsLog]
follow the steps below to resolve the issue.
Procedure
- Sign in to the AWS CloudWatch console for the region experiencing the errors.
- Locate and remove the log groups left over from the previous Agentless Vulnerability & Threat Detection deployment.
  - Search for log groups using the keywords sentry or v1-common.
  - Delete all matching log groups, including but not limited to:
    - GenerateSentryAPITokenLog
    - ReplicateSentryAPITokenLog
    - FilterUnsupportedRegionsLog
- Sign in to the AWS Lambda console for the region experiencing the errors.
- Locate and remove the Lambda functions left over from the previous Agentless Vulnerability & Threat Detection deployment.
  - Search for Lambda functions using the keywords sentry or v1-common.
  - Delete any matching Lambda functions if they exist.
- After all residual resources are removed, retry the update or stack redeployment.
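The searches in the procedure above can be run as one read-only inventory before anything is deleted. The following is an added example, not part of the product documentation or the vendor's tooling: it assumes boto3 is installed with credentials that can list log groups and Lambda functions, and the function names and the case-insensitive substring matching are choices made for this example.

```python
import sys

# Keywords and log group names as given in the procedure above.
PATTERNS = ("sentry", "v1-common", "GenerateSentryAPITokenLog",
            "ReplicateSentryAPITokenLog", "FilterUnsupportedRegionsLog")


def select_residual(names, patterns=PATTERNS):
    """Return sorted, de-duplicated names containing any pattern.

    Matching is a case-insensitive substring test (an assumption; the
    console search may behave differently).
    """
    lowered = [p.lower() for p in patterns]
    return sorted({n for n in names if any(p in n.lower() for p in lowered)})


def log_group_names(region):
    import boto3  # imported here so select_residual() works without boto3
    client = boto3.client("logs", region_name=region)
    for page in client.get_paginator("describe_log_groups").paginate():
        for group in page["logGroups"]:
            yield group["logGroupName"]


def lambda_function_names(region):
    import boto3
    client = boto3.client("lambda", region_name=region)
    for page in client.get_paginator("list_functions").paginate():
        for function in page["Functions"]:
            yield function["FunctionName"]


def report(region):
    """Print candidates only; nothing is deleted."""
    for label, names in (("log-group", log_group_names(region)),
                         ("lambda", lambda_function_names(region))):
        for name in select_residual(names):
            print(f"{label}\t{name}")


if __name__ == "__main__":
    # Region experiencing the errors; falls back to the configured default.
    report(sys.argv[1] if len(sys.argv) > 1 else None)
```

Keywords as broad as sentry can also match resources that belong to other tooling in the account, so review the printed list against the previous deployment before deleting anything in the console.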