Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EC2 / modifySecurityGroupRules -> The request must contain the parameter groupId #5437

Closed
1 task done
sebdehne opened this issue Jul 27, 2024 · 4 comments
Closed
1 task done

EC2 / modifySecurityGroupRules -> The request must contain the parameter groupId #5437

sebdehne opened this issue Jul 27, 2024 · 4 comments
Assignees
@debora-ito
Labels
bug This issue is a bug. p2 This is a standard priority issue response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 10 days.

Comments

@sebdehne
Copy link

sebdehne commented Jul 27, 2024
edited
Loading

Upcoming End-of-Support

  • I acknowledge the upcoming end-of-support for AWS SDK for Java v1 was announced, and migration to AWS SDK for Java v2 is recommended.

Describe the bug

I try to modify an existing ingress-rule in an existing security-group, but keep getting the error: The request must contain the parameter groupId

Expected Behavior

I expect the rule to be update.

Current Behavior

The following exception is thrown:

Exception in thread "main" software.amazon.awssdk.services.ec2.model.Ec2Exception: The request must contain the parameter groupId (Service: Ec2, Status Code: 400, Request ID: d42c2511-aea4-4510-86af-af61a1b11902)
	at software.amazon.awssdk.core.internal.http.CombinedResponseHandler.handleErrorResponse(CombinedResponseHandler.java:125)
	at software.amazon.awssdk.core.internal.http.CombinedResponseHandler.handleResponse(CombinedResponseHandler.java:82)
	at software.amazon.awssdk.core.internal.http.CombinedResponseHandler.handle(CombinedResponseHandler.java:60)
	at software.amazon.awssdk.core.internal.http.CombinedResponseHandler.handle(CombinedResponseHandler.java:41)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.HandleResponseStage.execute(HandleResponseStage.java:50)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.HandleResponseStage.execute(HandleResponseStage.java:38)
	at software.amazon.awssdk.core.internal.http.pipeline.RequestPipelineBuilder$ComposingRequestPipelineStage.execute(RequestPipelineBuilder.java:206)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallAttemptTimeoutTrackingStage.execute(ApiCallAttemptTimeoutTrackingStage.java:72)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallAttemptTimeoutTrackingStage.execute(ApiCallAttemptTimeoutTrackingStage.java:42)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.TimeoutExceptionHandlingStage.execute(TimeoutExceptionHandlingStage.java:78)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.TimeoutExceptionHandlingStage.execute(TimeoutExceptionHandlingStage.java:40)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallAttemptMetricCollectionStage.execute(ApiCallAttemptMetricCollectionStage.java:55)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallAttemptMetricCollectionStage.execute(ApiCallAttemptMetricCollectionStage.java:39)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.RetryableStage2.executeRequest(RetryableStage2.java:93)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.RetryableStage2.execute(RetryableStage2.java:56)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.RetryableStage2.execute(RetryableStage2.java:36)
	at software.amazon.awssdk.core.internal.http.pipeline.RequestPipelineBuilder$ComposingRequestPipelineStage.execute(RequestPipelineBuilder.java:206)
	at software.amazon.awssdk.core.internal.http.StreamManagingStage.execute(StreamManagingStage.java:53)
	at software.amazon.awssdk.core.internal.http.StreamManagingStage.execute(StreamManagingStage.java:35)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallTimeoutTrackingStage.executeWithTimer(ApiCallTimeoutTrackingStage.java:80)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallTimeoutTrackingStage.execute(ApiCallTimeoutTrackingStage.java:60)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallTimeoutTrackingStage.execute(ApiCallTimeoutTrackingStage.java:42)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallMetricCollectionStage.execute(ApiCallMetricCollectionStage.java:50)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallMetricCollectionStage.execute(ApiCallMetricCollectionStage.java:32)
	at software.amazon.awssdk.core.internal.http.pipeline.RequestPipelineBuilder$ComposingRequestPipelineStage.execute(RequestPipelineBuilder.java:206)
	at software.amazon.awssdk.core.internal.http.pipeline.RequestPipelineBuilder$ComposingRequestPipelineStage.execute(RequestPipelineBuilder.java:206)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.ExecutionFailureExceptionReportingStage.execute(ExecutionFailureExceptionReportingStage.java:37)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.ExecutionFailureExceptionReportingStage.execute(ExecutionFailureExceptionReportingStage.java:26)
	at software.amazon.awssdk.core.internal.http.AmazonSyncHttpClient$RequestExecutionBuilderImpl.execute(AmazonSyncHttpClient.java:210)
	at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.invoke(BaseSyncClientHandler.java:103)
	at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.doExecute(BaseSyncClientHandler.java:173)
	at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.lambda$execute$1(BaseSyncClientHandler.java:80)
	at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.measureApiCallSuccess(BaseSyncClientHandler.java:182)
	at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.execute(BaseSyncClientHandler.java:74)
	at software.amazon.awssdk.core.client.handler.SdkSyncClientHandler.execute(SdkSyncClientHandler.java:45)
	at software.amazon.awssdk.awscore.client.handler.AwsSyncClientHandler.execute(AwsSyncClientHandler.java:53)
	at software.amazon.awssdk.services.ec2.DefaultEc2Client.modifySecurityGroupRules(DefaultEc2Client.java:30554)
	at software.amazon.awssdk.services.ec2.Ec2Client.modifySecurityGroupRules(Ec2Client.java)
	...

Reproduction Steps

Example in kotlin:

fun main() {
    
    // setup the client
    val awsAccessKey = "<...removed...>"
    val awsSecretAccessKey = "<...removed...>"
    val ec2Client = Ec2Client.builder()
        .region(region)
        .credentialsProvider {
            object : AwsCredentials {
                override fun accessKeyId() = awsAccessKey

                override fun secretAccessKey() = awsSecretAccessKey
            }
        }
        .build()
    
    // fetch all security rules - OK
    val describeSecurityGroups = ec2Client.describeSecurityGroups()
    
    // pick the first one - OK
    val securityGroup = describeSecurityGroups.securityGroups().firstOrNull() ?: error("No security group found")
    
    // fetch rules and filter for ingress - OK
    val ingressRules = ec2Client.describeSecurityGroupRules {
        DescribeSecurityGroupRulesRequest.builder()
            .securityGroupRuleIds(securityGroup.groupId())
            .build()
    }.securityGroupRules().filter { !it.isEgress }
    
    // find the rule to be edited
    val toBeEdited = ingressRules.firstOrNull { it.toPort() == 22 } ?: error("Rule not found")
    
    // make the modify call -> throws: Ec2Exception: The request must contain the parameter groupId (Service: Ec2, Status Code: 400...)
    ec2Client.modifySecurityGroupRules {
        ModifySecurityGroupRulesRequest.builder()
            .groupId(securityGroup.groupId()) // <-- setting the security-group-id here!
            .securityGroupRules(SecurityGroupRuleUpdate.builder()
                .securityGroupRuleId(toBeEdited.securityGroupRuleId())
                .securityGroupRule(SecurityGroupRuleRequest.builder()
                    .cidrIpv4("1.2.3.4/32")
                    .build())
                .build())
            .build()
    }
}

Possible Solution

No response

Additional Information/Context

No response

AWS Java SDK version used

2.26.25

JDK version used

17

Operating System and version

Mac
@sebdehne sebdehne added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Jul 27, 2024
@debora-ito
Copy link
Member

Can you generate the verbose wirelogs?
Instructions can be found in our Developer Guide: https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/logging-slf4j.html#sdk-java-logging-verbose

Transferring to the Java SDK v2 repo.

@debora-ito debora-ito transferred this issue from aws/aws-sdk-java Jul 29, 2024
@debora-ito debora-ito added response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 10 days. p2 This is a standard priority issue and removed needs-triage This issue or PR still needs to be triaged. labels Jul 29, 2024
@debora-ito debora-ito self-assigned this Jul 29, 2024
@sebdehne
Copy link
Author

Sure - here is the wire-logging. Looks like the request-body is missing all the information.


2024-07-30T06:46:39,532Z [main] DEBUG s.a.a.c.i.ExecutionInterceptorChain - Creating an interceptor chain that will apply interceptors in the following order: [software.amazon.awssdk.core.internal.interceptor.HttpChecksumValidationInterceptor@12db3386, software.amazon.awssdk.awscore.interceptor.HelpfulUnknownHostExceptionInterceptor@4078695f, software.amazon.awssdk.awscore.eventstream.EventStreamInitialRequestInterceptor@79a1728c, software.amazon.awssdk.awscore.interceptor.TraceIdExecutionInterceptor@a7f0ab6, software.amazon.awssdk.services.ec2.auth.scheme.internal.Ec2AuthSchemeInterceptor@41f35f7c, software.amazon.awssdk.services.ec2.endpoints.internal.Ec2ResolveEndpointInterceptor@42c2f48c, software.amazon.awssdk.services.ec2.endpoints.internal.Ec2RequestSetEndpointInterceptor@3005db4a, software.amazon.awssdk.services.ec2.transform.internal.GeneratePreSignUrlInterceptor@425d5d46, software.amazon.awssdk.services.ec2.transform.internal.TimestampFormatInterceptor@198ef2ce]
2024-07-30T06:46:39,533Z [main] DEBUG s.a.a.c.i.ExecutionInterceptorChain - Interceptor 'software.amazon.awssdk.services.ec2.endpoints.internal.Ec2RequestSetEndpointInterceptor@3005db4a' modified the message with its modifyHttpRequest method.
2024-07-30T06:46:39,533Z [main] DEBUG s.a.a.retries.LegacyRetryStrategy - Request attempt 1 token acquired (backoff: 0ms, cost: 0, capacity: 500/500)
2024-07-30T06:46:39,533Z [main] DEBUG software.amazon.awssdk.request - Sending Request: DefaultSdkHttpFullRequest(httpMethod=POST, protocol=https, host=ec2.eu-central-1.amazonaws.com, encodedPath=, headers=[amz-sdk-invocation-id, Content-Length, Content-Type, User-Agent], queryParameters=[])
2024-07-30T06:46:39,533Z [main] DEBUG s.a.a.c.i.h.p.stages.SigningStage - Using SelectedAuthScheme: aws.auth#sigv4
2024-07-30T06:46:39,533Z [main] DEBUG s.a.a.h.a.a.i.s.DefaultV4RequestSigner - AWS4 Canonical Request: POST
/

amz-sdk-invocation-id:8e5ba2f1-093c-1f1c-a2df-a32073a2ddd4
amz-sdk-request:attempt=1; max=4
content-length:50
content-type:application/x-www-form-urlencoded; charset=utf-8
host:ec2.eu-central-1.amazonaws.com
x-amz-content-sha256:<...REMOVED...>
x-amz-date:20240730T064639Z

amz-sdk-invocation-id;amz-sdk-request;content-length;content-type;host;x-amz-content-sha256;x-amz-date
<...REMOVED...>
2024-07-30T06:46:39,533Z [main] DEBUG s.a.a.h.a.a.i.s.DefaultV4RequestSigner - AWS4 Canonical Request Hash: <...REMOVED...>
2024-07-30T06:46:39,533Z [main] DEBUG s.a.a.h.a.a.i.s.DefaultV4RequestSigner - AWS4 String to sign: AWS4-HMAC-SHA256
20240730T064639Z
20240730/eu-central-1/ec2/aws4_request
<...REMOVED...>
2024-07-30T06:46:39,534Z [main] DEBUG o.a.h.c.protocol.RequestAddCookies - CookieSpec selected: default
2024-07-30T06:46:39,534Z [main] DEBUG o.a.h.c.protocol.RequestAuthCache - Auth cache not set in the context
2024-07-30T06:46:39,534Z [main] DEBUG o.a.h.i.c.PoolingHttpClientConnectionManager - Connection request: [route: {s}->https://ec2.eu-central-1.amazonaws.com:443][total available: 1; route allocated: 1 of 50; total allocated: 1 of 50]
2024-07-30T06:46:39,534Z [main] DEBUG o.a.h.i.c.PoolingHttpClientConnectionManager - Connection leased: [id: 0][route: {s}->https://ec2.eu-central-1.amazonaws.com:443][total available: 0; route allocated: 1 of 50; total allocated: 1 of 50]
2024-07-30T06:46:39,534Z [main] DEBUG o.a.h.i.c.DefaultManagedHttpClientConnection - http-outgoing-0: set socket timeout to 30000
2024-07-30T06:46:39,534Z [main] DEBUG o.a.h.i.c.DefaultManagedHttpClientConnection - http-outgoing-0: set socket timeout to 30000
2024-07-30T06:46:39,534Z [main] DEBUG o.a.h.impl.execchain.MainClientExec - Executing request POST / HTTP/1.1
2024-07-30T06:46:39,534Z [main] DEBUG o.a.h.impl.execchain.MainClientExec - Proxy auth state: UNCHALLENGED
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.headers - http-outgoing-0 >> POST / HTTP/1.1
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.headers - http-outgoing-0 >> Host: ec2.eu-central-1.amazonaws.com
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.headers - http-outgoing-0 >> amz-sdk-invocation-id: 8e5ba2f1-093c-1f1c-a2df-a32073a2ddd4
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.headers - http-outgoing-0 >> amz-sdk-request: attempt=1; max=4
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.headers - http-outgoing-0 >> Authorization: AWS4-HMAC-SHA256 Credential=<...REMOVED...>
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.headers - http-outgoing-0 >> Content-Type: application/x-www-form-urlencoded; charset=utf-8
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.headers - http-outgoing-0 >> User-Agent: aws-sdk-java/2.26.25 Mac_OS_X/14.5 OpenJDK_64-Bit_Server_VM/17.0.7+7 Java/17.0.7 kotlin/1.8.20-release-327(1.8.20) vendor/Eclipse_Adoptium io/sync http/Apache cfg/retry-mode/legacy
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.headers - http-outgoing-0 >> x-amz-content-sha256: <...REMOVED...>
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.headers - http-outgoing-0 >> X-Amz-Date: 20240730T064639Z
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.headers - http-outgoing-0 >> Content-Length: 50
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.headers - http-outgoing-0 >> Connection: Keep-Alive
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "POST / HTTP/1.1[\r][\n]"
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "Host: ec2.eu-central-1.amazonaws.com[\r][\n]"
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "amz-sdk-invocation-id: 8e5ba2f1-093c-1f1c-a2df-a32073a2ddd4[\r][\n]"
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "amz-sdk-request: attempt=1; max=4[\r][\n]"
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "Authorization: AWS4-HMAC-SHA256 Credential=<...REMOVED...>[\r][\n]"
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "Content-Type: application/x-www-form-urlencoded; charset=utf-8[\r][\n]"
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "User-Agent: aws-sdk-java/2.26.25 Mac_OS_X/14.5 OpenJDK_64-Bit_Server_VM/17.0.7+7 Java/17.0.7 kotlin/1.8.20-release-327(1.8.20) vendor/Eclipse_Adoptium io/sync http/Apache cfg/retry-mode/legacy[\r][\n]"
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "x-amz-content-sha256: <...REMOVED...>[\r][\n]"
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "X-Amz-Date: 20240730T064639Z[\r][\n]"
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "Content-Length: 50[\r][\n]"
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "Connection: Keep-Alive[\r][\n]"
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "[\r][\n]"
2024-07-30T06:46:39,534Z [main] DEBUG org.apache.http.wire - http-outgoing-0 >> "Action=ModifySecurityGroupRules&Version=2016-11-15"
2024-07-30T06:46:39,594Z [main] DEBUG org.apache.http.wire - http-outgoing-0 << "HTTP/1.1 400 Bad Request[\r][\n]"
2024-07-30T06:46:39,594Z [main] DEBUG org.apache.http.wire - http-outgoing-0 << "x-amzn-RequestId: 5d1c84bf-7e14-43ff-8279-58371187f360[\r][\n]"
2024-07-30T06:46:39,594Z [main] DEBUG org.apache.http.wire - http-outgoing-0 << "Cache-Control: no-cache, no-store[\r][\n]"
2024-07-30T06:46:39,594Z [main] DEBUG org.apache.http.wire - http-outgoing-0 << "Strict-Transport-Security: max-age=31536000; includeSubDomains[\r][\n]"
2024-07-30T06:46:39,594Z [main] DEBUG org.apache.http.wire - http-outgoing-0 << "vary: accept-encoding[\r][\n]"
2024-07-30T06:46:39,594Z [main] DEBUG org.apache.http.wire - http-outgoing-0 << "Content-Type: text/xml;charset=UTF-8[\r][\n]"
2024-07-30T06:46:39,594Z [main] DEBUG org.apache.http.wire - http-outgoing-0 << "Transfer-Encoding: chunked[\r][\n]"
2024-07-30T06:46:39,594Z [main] DEBUG org.apache.http.wire - http-outgoing-0 << "Date: Tue, 30 Jul 2024 06:46:39 GMT[\r][\n]"
2024-07-30T06:46:39,594Z [main] DEBUG org.apache.http.wire - http-outgoing-0 << "Connection: close[\r][\n]"
2024-07-30T06:46:39,594Z [main] DEBUG org.apache.http.wire - http-outgoing-0 << "Server: AmazonEC2[\r][\n]"
2024-07-30T06:46:39,594Z [main] DEBUG org.apache.http.wire - http-outgoing-0 << "[\r][\n]"
2024-07-30T06:46:39,594Z [main] DEBUG org.apache.http.headers - http-outgoing-0 << HTTP/1.1 400 Bad Request
2024-07-30T06:46:39,594Z [main] DEBUG org.apache.http.headers - http-outgoing-0 << x-amzn-RequestId: 5d1c84bf-7e14-43ff-8279-58371187f360
2024-07-30T06:46:39,594Z [main] DEBUG org.apache.http.headers - http-outgoing-0 << Cache-Control: no-cache, no-store
2024-07-30T06:46:39,594Z [main] DEBUG org.apache.http.headers - http-outgoing-0 << Strict-Transport-Security: max-age=31536000; includeSubDomains
2024-07-30T06:46:39,594Z [main] DEBUG org.apache.http.headers - http-outgoing-0 << vary: accept-encoding
2024-07-30T06:46:39,594Z [main] DEBUG org.apache.http.headers - http-outgoing-0 << Content-Type: text/xml;charset=UTF-8
2024-07-30T06:46:39,594Z [main] DEBUG org.apache.http.headers - http-outgoing-0 << Transfer-Encoding: chunked
2024-07-30T06:46:39,594Z [main] DEBUG org.apache.http.headers - http-outgoing-0 << Date: Tue, 30 Jul 2024 06:46:39 GMT
2024-07-30T06:46:39,594Z [main] DEBUG org.apache.http.headers - http-outgoing-0 << Connection: close
2024-07-30T06:46:39,594Z [main] DEBUG org.apache.http.headers - http-outgoing-0 << Server: AmazonEC2
2024-07-30T06:46:39,595Z [main] DEBUG software.amazon.awssdk.requestId - Received failed response: 400, Request ID: 5d1c84bf-7e14-43ff-8279-58371187f360, Extended Request ID: not available
2024-07-30T06:46:39,595Z [main] DEBUG software.amazon.awssdk.request - Received failed response: 400, Request ID: 5d1c84bf-7e14-43ff-8279-58371187f360, Extended Request ID: not available
2024-07-30T06:46:39,595Z [main] DEBUG org.apache.http.wire - http-outgoing-0 << "f5[\r][\n]"
2024-07-30T06:46:39,595Z [main] DEBUG org.apache.http.wire - http-outgoing-0 << "<?xml version="1.0" encoding="UTF-8"?>[\n]"
2024-07-30T06:46:39,595Z [main] DEBUG org.apache.http.wire - http-outgoing-0 << "<Response><Errors><Error><Code>MissingParameter</Code><Message>The request must contain the parameter groupId</Message></Error></Errors><RequestID>5d1c84bf-7e14-43ff-8279-58371187f360</RequestID></Response>[\r][\n]"
2024-07-30T06:46:39,596Z [main] DEBUG org.apache.http.wire - http-outgoing-0 << "0[\r][\n]"
2024-07-30T06:46:39,596Z [main] DEBUG org.apache.http.wire - http-outgoing-0 << "[\r][\n]"
2024-07-30T06:46:39,596Z [main] DEBUG o.a.h.i.c.DefaultManagedHttpClientConnection - http-outgoing-0: Close connection
2024-07-30T06:46:39,596Z [main] DEBUG s.a.a.h.a.internal.net.SdkSslSocket - closing ec2.eu-central-1.amazonaws.com/52.94.138.240:443
2024-07-30T06:46:39,598Z [main] DEBUG o.a.h.impl.execchain.MainClientExec - Connection discarded
2024-07-30T06:46:39,598Z [main] DEBUG o.a.h.i.c.PoolingHttpClientConnectionManager - Connection released: [id: 0][route: {s}->https://ec2.eu-central-1.amazonaws.com:443][total available: 0; route allocated: 0 of 50; total allocated: 0 of 50]
2024-07-30T06:46:39,602Z [main] DEBUG s.a.a.retries.LegacyRetryStrategy - Request attempt 1 encountered non-retryable failure
software.amazon.awssdk.services.ec2.model.Ec2Exception: The request must contain the parameter groupId (Service: Ec2, Status Code: 400, Request ID: 5d1c84bf-7e14-43ff-8279-58371187f360)
	at software.amazon.awssdk.core.internal.http.CombinedResponseHandler.handleErrorResponse(CombinedResponseHandler.java:125)
	at software.amazon.awssdk.core.internal.http.CombinedResponseHandler.handleResponse(CombinedResponseHandler.java:82)
	at software.amazon.awssdk.core.internal.http.CombinedResponseHandler.handle(CombinedResponseHandler.java:60)
	at software.amazon.awssdk.core.internal.http.CombinedResponseHandler.handle(CombinedResponseHandler.java:41)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.HandleResponseStage.execute(HandleResponseStage.java:50)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.HandleResponseStage.execute(HandleResponseStage.java:38)
	at software.amazon.awssdk.core.internal.http.pipeline.RequestPipelineBuilder$ComposingRequestPipelineStage.execute(RequestPipelineBuilder.java:206)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallAttemptTimeoutTrackingStage.execute(ApiCallAttemptTimeoutTrackingStage.java:72)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallAttemptTimeoutTrackingStage.execute(ApiCallAttemptTimeoutTrackingStage.java:42)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.TimeoutExceptionHandlingStage.execute(TimeoutExceptionHandlingStage.java:78)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.TimeoutExceptionHandlingStage.execute(TimeoutExceptionHandlingStage.java:40)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallAttemptMetricCollectionStage.execute(ApiCallAttemptMetricCollectionStage.java:55)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallAttemptMetricCollectionStage.execute(ApiCallAttemptMetricCollectionStage.java:39)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.RetryableStage2.executeRequest(RetryableStage2.java:93)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.RetryableStage2.execute(RetryableStage2.java:56)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.RetryableStage2.execute(RetryableStage2.java:36)
	at software.amazon.awssdk.core.internal.http.pipeline.RequestPipelineBuilder$ComposingRequestPipelineStage.execute(RequestPipelineBuilder.java:206)
	at software.amazon.awssdk.core.internal.http.StreamManagingStage.execute(StreamManagingStage.java:53)
	at software.amazon.awssdk.core.internal.http.StreamManagingStage.execute(StreamManagingStage.java:35)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallTimeoutTrackingStage.executeWithTimer(ApiCallTimeoutTrackingStage.java:80)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallTimeoutTrackingStage.execute(ApiCallTimeoutTrackingStage.java:60)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallTimeoutTrackingStage.execute(ApiCallTimeoutTrackingStage.java:42)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallMetricCollectionStage.execute(ApiCallMetricCollectionStage.java:50)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.ApiCallMetricCollectionStage.execute(ApiCallMetricCollectionStage.java:32)
	at software.amazon.awssdk.core.internal.http.pipeline.RequestPipelineBuilder$ComposingRequestPipelineStage.execute(RequestPipelineBuilder.java:206)
	at software.amazon.awssdk.core.internal.http.pipeline.RequestPipelineBuilder$ComposingRequestPipelineStage.execute(RequestPipelineBuilder.java:206)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.ExecutionFailureExceptionReportingStage.execute(ExecutionFailureExceptionReportingStage.java:37)
	at software.amazon.awssdk.core.internal.http.pipeline.stages.ExecutionFailureExceptionReportingStage.execute(ExecutionFailureExceptionReportingStage.java:26)
	at software.amazon.awssdk.core.internal.http.AmazonSyncHttpClient$RequestExecutionBuilderImpl.execute(AmazonSyncHttpClient.java:210)
	at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.invoke(BaseSyncClientHandler.java:103)
	at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.doExecute(BaseSyncClientHandler.java:173)
	at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.lambda$execute$1(BaseSyncClientHandler.java:80)
	at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.measureApiCallSuccess(BaseSyncClientHandler.java:182)
	at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.execute(BaseSyncClientHandler.java:74)
	at software.amazon.awssdk.core.client.handler.SdkSyncClientHandler.execute(SdkSyncClientHandler.java:45)
	at software.amazon.awssdk.awscore.client.handler.AwsSyncClientHandler.execute(AwsSyncClientHandler.java:53)
	at software.amazon.awssdk.services.ec2.DefaultEc2Client.modifySecurityGroupRules(DefaultEc2Client.java:30554)
	at software.amazon.awssdk.services.ec2.Ec2Client.modifySecurityGroupRules(Ec2Client.java)

@sebdehne
Copy link
Author

I found the problem. I wasn't using the provided request-builder (initialized my own), which is wrong. The correct code is:

    // make the modify call
    ec2Client.modifySecurityGroupRules { req ->
        req
            .groupId(securityGroup.groupId())
            .securityGroupRules(SecurityGroupRuleUpdate.builder()
                .securityGroupRuleId(toBeEdited.securityGroupRuleId())
                .securityGroupRule(SecurityGroupRuleRequest.builder()
                    .cidrIpv4("1.2.3.4/32")
                    .ipProtocol("tcp")
                    .fromPort(22)
                    .toPort(22)
                    .build())
                .build())
            .build()
    }

Now it works. Thanks for the hint.

@github-actions GitHub Actions
Copy link

This issue is now closed. Comments on closed issues are hard for our team to see.
If you need more assistance, please open a new issue that references this one.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@debora-ito debora-ito

Labels
bug This issue is a bug. p2 This is a standard priority issue response-requested Waiting on additional info and feedback. Will move to "closing-soon" in 10 days.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@debora-ito @sebdehne