EC2 InvalidVpcEndpointServiceAllowedPrincipalID.NotFound

The specified VPC endpoint service allowed principal ID does not exist or is incorrect.

Understanding Amazon EC2 and VPC Endpoint Services

Amazon Elastic Compute Cloud (EC2) is a web service that provides secure, resizable compute capacity in the cloud. It is designed to make web-scale cloud computing easier for developers. A VPC Endpoint Service allows you to create a private connection between your VPC and another AWS service without requiring an internet gateway, NAT device, VPN connection, or AWS Direct Connect connection.

Identifying the Symptom

When working with VPC Endpoint Services in EC2, you might encounter the error code InvalidVpcEndpointServiceAllowedPrincipalID.NotFound. This error indicates that the specified VPC endpoint service allowed principal ID does not exist or is incorrect.

What You Observe

When attempting to add or modify a VPC endpoint service, you receive an error message stating that the allowed principal ID is not found. This prevents you from successfully configuring the endpoint service.

Explaining the Issue

The error InvalidVpcEndpointServiceAllowedPrincipalID.NotFound occurs when the principal ID specified in your request is not recognized by the system. This could be due to a typo, an incorrect ID, or the principal being removed from the AWS account.

Common Causes

  • The principal ID is incorrectly typed or formatted.
  • The principal ID refers to a user or role that no longer exists.
  • The principal ID is not associated with the correct AWS account.

Steps to Resolve the Issue

To resolve the InvalidVpcEndpointServiceAllowedPrincipalID.NotFound error, follow these steps:

1. Verify the Principal ID

Ensure that the principal ID you are using is correct. Double-check the ID for any typos or formatting errors. You can find the correct principal ID in the AWS Management Console under the IAM section.

2. Check Principal Existence

Confirm that the principal (user or role) still exists in your AWS account. Navigate to the IAM Console and verify that the principal is listed and active.

3. Update the Endpoint Service

If the principal ID was incorrect, update your VPC endpoint service configuration with the correct ID. Use the AWS CLI or Management Console to make the necessary changes. For example, using the AWS CLI:

aws ec2 modify-vpc-endpoint-service-permissions --service-id vpce-svc-0123456789abcdef --add-allowed-principals arn:aws:iam::123456789012:role/ExampleRole

4. Review IAM Policies

Ensure that the IAM policies associated with the principal allow access to the VPC endpoint service. Adjust the policies if necessary to grant the required permissions.

Additional Resources

For more information on managing VPC endpoint services, refer to the AWS VPC Endpoint Services Documentation. If you continue to experience issues, consider reaching out to AWS Support for further assistance.

Never debug

EC2

manually again

Let Dr. Droid create custom investigation plans for your infrastructure.

Book Demo
Automate Debugging for
EC2
See how Dr. Droid creates investigation plans for your infrastructure.
Book Demo

MORE ISSUES

EC2 InvalidTransitGatewayRouteTableID.Malformed error encountered when specifying a transit gateway route table ID.
The specified transit gateway route table ID is not in the correct format.
EC2 InvalidTransitGatewayRouteTableAssociationID.Malformed error encountered.
The specified transit gateway route table association ID is not in the correct format.
EC2 InvalidTransitGatewayRouteTablePropagationID.Malformed error encountered when working with AWS EC2.
The specified transit gateway route table propagation ID is not in the correct format.
EC2 InvalidVpcPeeringConnectionID.Malformed
The specified VPC peering connection ID is not in the correct format.
EC2 InvalidVpcEndpointServiceID.NotFound error encountered when trying to use a VPC endpoint service.
The specified VPC endpoint service ID does not exist or is incorrect.
EC2 InvalidVpcEndpointID.Malformed error encountered when trying to access or manage a VPC endpoint.
The specified VPC endpoint ID is not in the correct format.
EC2 InvalidVpcEndpointConnectionID.Malformed error encountered when attempting to connect to a VPC endpoint.
The specified VPC endpoint connection ID is not in the correct format.
EC2 InvalidVpcEndpointServiceID.Malformed error encountered when attempting to use a VPC endpoint service.
The specified VPC endpoint service ID is not in the correct format.
EC2 InvalidVpcEndpointServicePermissionID.Malformed
The specified VPC endpoint service permission ID is not in the correct format.
EC2 InvalidVpcEndpointServiceAllowedPrincipalID.Malformed error encountered when configuring VPC endpoint service.
The specified VPC endpoint service allowed principal ID is not in the correct format.
EC2 InvalidVpcEndpointServiceAllowedPrincipalID.NotFound
The specified VPC endpoint service allowed principal ID does not exist or is incorrect.
EC2 InvalidVpcEndpointServiceConfigurationID.Malformed error when configuring a VPC endpoint service.
The VPC endpoint service configuration ID is not in the correct format.
EC2 InvalidVpcEndpointServiceConfigurationID.NotFound
The specified VPC endpoint service configuration ID does not exist or is incorrect.
EC2 InvalidVpcEndpointServicePermissionID.NotFound error encountered when attempting to manage VPC endpoint service permissions.
The specified VPC endpoint service permission ID does not exist or is incorrect.
EC2 InvalidVpcEndpointConnectionID.NotFound error encountered when attempting to manage VPC endpoint connections.
The specified VPC endpoint connection ID does not exist or is incorrect.
EC2 InvalidVpcEndpointID.NotFound error encountered when attempting to access a VPC endpoint.
The specified VPC endpoint ID does not exist or is incorrect.
EC2 InvalidTransitGatewayRouteTableAssociationID.NotFound
The specified transit gateway route table association ID does not exist or is incorrect.
EC2 InvalidVpcPeeringConnectionID.NotFound error when attempting to describe or modify a VPC peering connection.
The specified VPC peering connection ID does not exist or is incorrect.
EC2 InvalidTransitGatewayRouteTablePropagationID.NotFound
The specified transit gateway route table propagation ID does not exist or is incorrect.
EC2 InvalidTransitGatewayAttachmentID.NotFound error encountered when trying to access or modify a transit gateway attachment.
The specified transit gateway attachment ID does not exist or is incorrect.
EC2 InvalidTransitGatewayRouteTableID.NotFound
The specified transit gateway route table ID does not exist or is incorrect.
EC2 InvalidTransitGatewayID.NotFound error encountered when attempting to perform operations involving a transit gateway.
The specified transit gateway ID does not exist or is incorrect.
EC2 InvalidNatGatewayID.NotFound
The specified NAT gateway ID does not exist or is incorrect.
EC2 InvalidLaunchTemplateName.NotFound error encountered when trying to launch an EC2 instance.
The specified launch template name does not exist or is incorrect.
EC2 InvalidIAMInstanceProfileID.NotFound error encountered when launching or modifying an EC2 instance.
The specified IAM instance profile ID does not exist or is incorrect.
EC2 InvalidInternetGatewayID.NotFound
The specified internet gateway ID does not exist or is incorrect.
EC2 InvalidDhcpOptionsID.NotFound
The specified DHCP options ID does not exist or is incorrect.
EC2 InvalidTag.NotFound error encountered when attempting to access or modify a tag on an EC2 instance.
The specified tag does not exist or is incorrect.
EC2 InvalidElasticIP.NotFound error encountered when attempting to associate an Elastic IP with an EC2 instance.
The specified Elastic IP address does not exist or is incorrect.
EC2 InvalidIAMInstanceProfileAssociationID.NotFound
The specified IAM instance profile association ID does not exist or is incorrect.
EC2 InvalidInstanceType error encountered when launching an EC2 instance.
The specified instance type is not valid or not supported in the selected region.
EC2 InvalidVolume.NotFound error encountered when attempting to access an EC2 volume.
The specified volume ID does not exist or is incorrect.
EC2 InvalidLaunchTemplateID.NotFound
The specified launch template ID does not exist or is incorrect.
EC2 InvalidPlacementGroup.Unknown
The specified placement group does not exist or is incorrect.
EC2 InvalidInstanceID.Malformed
The specified instance ID is not in the correct format.
EC2 InvalidRouteTableID.NotFound error encountered when attempting to modify or describe a route table.
The specified route table ID does not exist or is incorrect.
EC2 InvalidNetworkInterfaceID.NotFound error encountered when attempting to use a network interface.
The specified network interface ID does not exist or is incorrect.
EC2 InvalidSubnetID.NotFound error encountered when launching an EC2 instance.
The specified subnet ID does not exist or is incorrect.
EC2 Invalid VPC ID error when attempting to perform operations on a VPC.
The specified VPC ID does not exist or is incorrect.
EC2 InvalidSnapshot.NotFound error encountered when attempting to access a snapshot.
The specified snapshot ID does not exist or is incorrect.
EC2 DependencyViolation error encountered when attempting to perform an operation on an EC2 instance.
The operation cannot be completed due to a dependency on another resource.
EC2 InvalidParameterValue error encountered when making an API request to EC2.
One or more parameters provided in the request are invalid.
EC2 RequestLimitExceeded
The request rate for the account has exceeded the allowed limit.
EC2 InvalidSecurityGroupID.NotFound error when trying to launch or modify an EC2 instance.
The specified security group ID does not exist or is incorrect.
EC2 InvalidKeyPair.NotFound error when launching an EC2 instance.
The specified key pair does not exist or is incorrect.
EC2 InstanceNotFound error when trying to access an EC2 instance.
The specified instance ID does not exist or is incorrect.
EC2 InvalidAMIID.NotFound error when trying to launch an EC2 instance.
The specified AMI ID does not exist or is incorrect.
EC2 VolumeInUse error when attempting to detach or delete an EBS volume.
The specified EBS volume is currently attached to an instance.
EC2 UnauthorizedOperation error encountered when attempting to perform an EC2 operation.
The user does not have permission to perform the requested operation.
EC2 InstanceLimitExceeded error when attempting to launch a new EC2 instance.
The requested instance cannot be launched because it would exceed the user's EC2 instance limit.
EC2 InsufficientInstanceCapacity error when launching an EC2 instance.
AWS does not have enough available capacity to fulfill the request for the specified instance type.

Backed by

Platform

AI OpsAlert Grouping & De-DuplicationPlayBooksKubernetes Bot

Resources

DocumentationFun For DevsBlog

Contact

Contact UsAbout UsCareersTerms and ConditionsPrivacy PolicyShipping & and Delivery PolicyCancellation & Refund Policy

Connect

Slack CommunityGithubLinkedInX (Twitter)
Made with ❤️ in Bangalore & San Francisco 🏢

Doctor Droid