Missing resources, wrong scope, lifecycle drift, and state mismatches.
Last reviewed: March 4, 2026|55 mapped errors|Page 1 of 4
Resource-state errors appear when identifiers, region or account scope, lifecycle state, or consistency timing do not match request assumptions.
Provider-specific error pages mapped to this category (55 total). Showing 1-15.
AWS InvalidAccessKeyId (Invalid Access Key Id) means the AWS access key ID in the request does not exist in AWS records. In Amazon S3, this error returns HTTP 403.
AWS InvalidAddressingHeader means the request is missing or using an invalid addressing-role header; in S3 this appears with the message "You must specify the Anonymous role" (HTTP status listed as N/A).
AWS InvalidAMIID.NotFound means the specified AMI does not exist, is not visible in the selected region/account scope, or is blocked by image-allow criteria.
Amazon EC2 returns `InvalidGroup.NotFound` when the referenced security group ID or name cannot be found in the target VPC scope.
AWS InvalidInstanceID.NotFound means the specified instance ID does not exist in the current scope, or it has not fully propagated yet.
AWS InvalidKeyPair.NotFound (EC2 Invalid Key Pair Not Found) means the specified key pair does not exist in the selected region.
AWS InvalidObjectState means the requested operation is not valid for the object’s current state in S3 (HTTP 403).
AWS InvalidSnapshot.NotFound means the specified EBS snapshot does not exist for the account and region context of the request.
Amazon EC2 returns `InvalidSubnetID.NotFound` when the requested subnet ID cannot be found in the account-region context for the operation.
AWS NoSuchBucket (No Such Bucket) means the specified bucket does not exist. In Amazon S3, this error returns HTTP 404.
AWS NoSuchDistribution means the specified CloudFront distribution does not exist in the current account scope (HTTP 404).
AWS NoSuchEntity (No Such Entity) is an IAM-specific error meaning the referenced IAM entity (user, role, group, or policy path target) does not exist. In IAM API operations, this error returns HTTP 404.
AWS NoSuchKey (No Such Key) means the specified object key does not exist in the target bucket. In Amazon S3, this error returns HTTP 404.
AWS RequestTooLargeException means the payload sent to a Lambda function exceeds the maximum allowed invocation payload size. Synchronous invocations are limited to 6MB and asynchronous invocations are limited to 256KB. The request is rejected before the function executes.
AWS TableNotFoundException indicates that the DynamoDB operation targeted a table name that does not exist in the specific AWS Region and Account provided in the client configuration.
Compare Guide
Use 403 for explicit access denial, or 404 to conceal resource existence when security policy requires reducing endpoint and object enumeration risk.
Compare Guide
Learn when to return 404 (missing or temporary absence) versus 410 (intentional permanent removal), including redirect and cache implications.
Playbook
Use this playbook to separate temporary missing-resource lookups from permanent removals, then fix scope, lifecycle, and identifier drift safely.
Temporary 404s often resolve after propagation or deployment completion, while permanent removals are typically explicit lifecycle events (for example 410 semantics).
Many control planes are eventually consistent. Read-after-write visibility can lag and briefly return not-found responses.
Confirm exact scope and identifier tuple: resource name, region, account/subscription/project, and parent container.