CDK on AWS - Unable to add new-unit


I’m running CDK on AWS; the cluster has been running in production for a while now.
When I tried to scale out the workers using add-unit kubernetes-worker, the process failed with the following error:
cannot set up groups: revoking security group “sg-xxxxxxxxxxxxx” (in VPC “vpc-xxxxxxxxx”): The specified rule does not exist in this security group. (InvalidPermission.NotFound).

The error does not specify which rule is missing here. I’ve checked the SG and could see there are plenty of rules, and also attempted to add an any->any rule, but it did not help.

Any idea on this?


For a while we had this issue with the clouds because juju had the user credentials for the clouds, but the charms didn’t. Any setup necessary after the juju portion of getting a machine was a manual process. Luckily, we recently added integrator charms that you will want to use. The charm for AWS is aws-integrator: you deploy it and then trust it, and it has permission to get the credentials from juju in order to do the things that are necessary to add a unit. You can just drop it on another existing node, as it doesn’t use many resources. Check out the integrator docs for more information.