Troubleshoot AWS Transit Gateway VPC attachment creation

The following topic can help you troubleshoot problems that you might have when you create a VPC attachment.

The VPC attachment failed.

The cause might be one of the following:

The user that is creating the VPC attachment does not have correct permissions to create service-linked role.
There is a throttling issue because of too many IAM requests, for example you are using AWS CloudFormation to create permissions and roles.
The account has the service-linked role, and the service-linked role has been modified.
The transit gateway is not in the available state.

Depending on the cause, try the following:

Verify that the user has the correct permissions to create service-linked roles. For more information, see Service-linked role permissions in the IAM User Guide. After the user has the permissions, create the VPC attachment.
Create the VPC attachment manually. For more information, see Create a VPC attachment in AWS Transit Gateway.
Verify that the service-linked role has the correct permissions. For more information, see Transit gateway service-linked role.
Verify that the transit gateway is in the available state. For more information, see View transit gateway information in AWS Transit Gateway.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Remove stale security group rules

Network function attachments