Troubleshooting cluster secret rotation in AWS PCS

Cluster secret rotation fails if the environment isn't properly prepared. The most common cause is active instances in your cluster. To prevent failure:

Set all node groups to 0 capacity.
Wait for nodes to stop.
Verify your cluster isn't in these states: CREATE_FAILED, DELETE_FAILED, SUSPENDING, or SUSPENDED.

If rotation fails:

A RotationFailed CloudTrail event appears
The cluster secret remains unchanged
Check the RotationFailed event in CloudTrail for details
Complete all preparation steps for successful rotation

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

FAQ

Compute node groups