aws-cloudformation-github-deploy action running indefinitely even after the stack gets completely created

[arqgroup-snehalthakre]

I am working on creating an RDS AURORA Serverless cluster with 2 reader instances. The AWS action (aws-cloudformation-github-deploy) runs fine with 1 reader instance. Still, as soon as the second reader instance is added, the action keeps running indefinitely till it reaches the runner's maximum execution time of 360 minutes.

My observation when I tried to use the older version of aws-cloudformation-github-deploy@v1.1.0, the stack was in CREATE_IN_PROGRESS but the aws action threw an error of stack not in CREATE_COMPLETE state and failed. Although the stack continued to be completed.

My code:
name: Deploy RDS AURORA serverless cluster on ${{ inputs.env }}
id: deploy_cluster
uses: aws-actions/aws-cloudformation-github-deploy@v1
with:
name: ${{ inputs.appName }}-rds-cluster-${{ inputs.env }}
template: .github/infrastructure/rds/rds-cluster.yaml
no-fail-on-empty-changeset: true
capabilities: CAPABILITY_NAMED_IAM, CAPABILITY_AUTO_EXPAND
parameter-overrides: "AppName=${{ inputs.appName }},Environment=${{ inputs.env }},VpcId=vpc-01fa9a364bdb89d67,Subnet1=subnet-0ecbb3f7b1fd26be7,Subnet2=subnet-053216efcb229544d,MinCapacity=1,MaxCapacity=4,DBName=${{ inputs.dbName }}"
timeout-in-minutes: 60

Stack yaml:
` TDBCluster:
Type: AWS::RDS::DBCluster
Properties:
DBClusterIdentifier: !Sub ${Environment}-test-db-cluster
Engine: aurora-postgresql
EngineMode: provisioned
EngineVersion: '15.4'
DatabaseName: !Sub ${DBName}
MasterUsername: !Sub '{{resolve:secretsmanager:${Environment}/master/rds:SecretString:username}}'
MasterUserPassword: !Sub '{{resolve:secretsmanager:${Environment}/master/rds:SecretString:password}}'
DBSubnetGroupName: !Ref TDBSubnetGroup
EnableHttpEndpoint: true
DeletionProtection: false # TODO: True for higher environment
VpcSecurityGroupIds:

• !Ref TDBSecurityGroup
  ServerlessV2ScalingConfiguration:
  MinCapacity: !Ref MinCapacity
  MaxCapacity: !Ref MaxCapacity
  DBClusterParameterGroupName: !Ref TDBClusterParamGrp
  StorageEncrypted: true
  BackupRetentionPeriod: 7
  PreferredBackupWindow: 18:56-19:26
  PreferredMaintenanceWindow: mon:12:11-mon:12:41
  Port: 5432
  CopyTagsToSnapshot: true
  StorageType: aurora
  NetworkType: IPV4
  EnableCloudwatchLogsExports:
• postgresql
  AvailabilityZones:
• ap-southeast-2b
• ap-southeast-2a
  AutoMinorVersionUpgrade: true
  EnableIAMDatabaseAuthentication: true
  Tags:
• Key: Environment
  Value: !Ref Environment
• Key: App Name
  Value: !Ref AppName

Reader node instance for RDS Aurora Cluster
TInstance2:
Type: AWS::RDS::DBInstance
DependsOn:

• TDBCluster
• TInstance1
  Properties:
  DBInstanceIdentifier: !Sub "${Environment}-test-db-reader-2"
  DBClusterIdentifier: !Ref TDBCluster
  DBParameterGroupName: !Ref DBParameterGroup
  DBInstanceClass: db.serverless
  Engine: aurora-postgresql
  PubliclyAccessible: false
  AutoMinorVersionUpgrade: true
  StorageEncrypted: true
  Tags:
• Key: Environment
  Value: !Ref Environment
• Key: AppName
  Value: !Ref AppName`

[LoganB99]

same. @kddejong there are two issues open indefinitely, #139
Could we get someone to look into this?

[arqgroup-snehalthakre]

Hi @LoganB99 and @kddejong - Did you find the issue or a work around for it?

[jhull123]

Be sure that the user that your action is using has the privileges described in the Permissions section of the Readme. Updating these fixed the issue for me.