Unable to delete cfn stack, role is invalid or cannot be assumed

This generally occurs in the case of nested stacks. Simply create a role with the same name and grant full administrator access permission to the role. With this permission the role will be able to delete the stack. Delete the role after successful stack deletion.


I've had this problem a few times. The solution is a bit of a hack. In your case, you need to create a new role named CloudFormationRole-NestedCFN-CodePipeline. When you create this role, you'll likely need to select the CloudFormation service when it asks you to "Choose the service that will use this role" and then "Attach permissions policies". Once the role is created, try to delete the stack again.
Some of this is a guessing game because you need to choose the correct resource (i.e. AWS service) that is a "trusted entity". Based on your role name, it's either CloudFormation or CodePipeline.

After you delete the CloudFormation stack, you can delete the IAM role you just created.

The reason you get this error is because you probably deleted a CloudFormation stack that has an IAM role that's being used by the stack you're trying to delete.

I wish there was a more elegant solution from AWS but this was my workaround.


I got the same problem and the only way to delete the stack was using the AWS CLI and executing the following command:

aws cloudformation delete-stack --role-arn arn:aws:iam::xxxx:role/anyrolewithpermissions --stack-name StuckStack

Just be sure to use another role with enough permissions.


This usually happens when a role required to delete the stack has been accidentally deleted. You may get the error message:

Role arn:aws:iam::<account>:role/<role name> is invalid or cannot be assumed

Go to IAM > Roles > Create role > click on CloudFormation for the service > make sure you give it the right permissions so that CloudFormation can delete the stack (in my case I gave it admin permissions because I was planning to delete the role straight after I deleted the stack) > for Role name use the same role name as in the error message.

You should now be able to delete the stack.
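The recreate-role workaround described in the answers above, scripted with the AWS CLI as an added example (not code from any of the answers). The function names, the `POLICY_ARN` and `TRUSTED_SERVICE` variables, and the 15-second propagation pause are assumptions of this example; the account ID in the usage comment is constructed.

```shell
#!/bin/sh
# Added example: recreate the missing role, delete the stack, remove the role again.
# POLICY_ARN defaults to the admin policy the answers mention; substitute a
# narrower policy when you know which resource types the stack contains.
POLICY_ARN="${POLICY_ARN:-arn:aws:iam::aws:policy/AdministratorAccess}"
# Service allowed to assume the role; CloudFormation is the one that needs it here.
TRUSTED_SERVICE="${TRUSTED_SERVICE:-cloudformation.amazonaws.com}"

# Extract "[path/]RoleName" from the "is invalid or cannot be assumed" error text.
role_id_from_error() {
  printf '%s\n' "$1" |
    sed -n 's|.*arn:[^:]*:iam::[0-9]*:role/\([^ ]*\) is invalid.*|\1|p'
}

# Trust policy that lets only TRUSTED_SERVICE assume the recreated role.
trust_policy() {
  printf '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":"%s"},"Action":"sts:AssumeRole"}]}\n' "$TRUSTED_SERVICE"
}

# usage: delete_stuck_stack <stack-name> "<error message from the console or CLI>"
delete_stuck_stack() {
  local stack="$1" id name path="/"
  id="$(role_id_from_error "$2")"
  [ -n "$id" ] || { echo "no role ARN found in error text" >&2; return 1; }
  name="${id##*/}"                                  # last segment is the role name
  case "$id" in */*) path="/${id%/*}/" ;; esac      # keep the role path, if any
  aws iam create-role --role-name "$name" --path "$path" \
    --assume-role-policy-document "$(trust_policy)" >/dev/null || return 1
  aws iam attach-role-policy --role-name "$name" --policy-arn "$POLICY_ARN" &&
  aws iam wait role-exists --role-name "$name" && sleep 15 &&  # allow IAM propagation
  aws cloudformation delete-stack --stack-name "$stack" &&
  aws cloudformation wait stack-delete-complete --stack-name "$stack"
  local rc=$?
  # Remove the temporary role whether or not the deletion succeeded.
  aws iam detach-role-policy --role-name "$name" --policy-arn "$POLICY_ARN"
  aws iam delete-role --role-name "$name"
  return "$rc"
}

# Runs only when called with both arguments, e.g.:
#   ./fix.sh StuckStack "Role arn:aws:iam::123456789012:role/X is invalid or cannot be assumed"
if [ "$#" -eq 2 ]; then delete_stuck_stack "$1" "$2"; fi
```

The cleanup runs even when the stack deletion fails, so the broadly privileged role does not stay in the account longer than the attempt itself.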