Comments (5)
This is a default quota from AWS for new accounts. Try to reach AWS Support and they will help you. https://repost.aws/questions/QUNe84jgBRQ9G5ACLDUzCt4w/free-tier-accounts-code-build-stops-after-45-min
from landing-zone-accelerator-on-aws.
Which stage or stages are timing out?
from landing-zone-accelerator-on-aws.
hello @crissupb thanks for the question.
we are trying to deploy the tse-se architecture and our CodeBuild job “AWSAccelerator-ToolkitProject:'ID'” had failed at Stage "Deploy" step "network-associations" due to the build timeout which had happened at 45 minutes.
we set the project timeout value to 8 hours however when we start a build, the project level build timeout setting of 8 hour was not being applied to the individual builds, instead it was defaulting to 45 minutes.
We are trying to deploy a Shared Network Configuration with 3 Accounts, One Account is our Shared Services Account, which deploy a MAD and shared the directory with the other 2 Accounts.
This takes more than 45 min but because of the build Timeout the pipeline fails and rollback the cloudformation stack.
from landing-zone-accelerator-on-aws.
Hello @MigueAngelRamirez please let us know if you are still experiencing problems with CodeBuild timeouts. @rboboc111 Thank you for the possible solution!
In the meantime, our team will evaluate the feature request to increase the default CodeBuild timeout.
from landing-zone-accelerator-on-aws.
hey @hickeydh-aws,
we try to deploy the LZA TSE-SE sample architecture but this solution was failing on the Network_Associations_Config step of the Deploy stage.
We found out that the Managed Active Directory instance did not receive the resource signals in time, which cause the CodeBuild Timeout.
The instance profile tried to make a GetSecretValue call. However, it was being denied by a service control policy AWSAccelerator-Quarantine-New-Object.
We solved this by adding the EC2-Default-SSM-AD-Role to the policy document to successfully deploy the architecture.
{ "Version": "2012-10-17", "Statement": [ { "Sid": "DenyAllAWSServicesExceptBreakglassRoles", "Effect": "Deny", "Action": "*", "Resource": "*", "Condition": { "ArnNotLike": { "aws:PrincipalARN": [ "arn:${PARTITION}:iam::*:role/${MANAGEMENT_ACCOUNT_ACCESS_ROLE}", "arn:${PARTITION}:iam::*:role/aws*", "arn:${PARTITION}:iam::*:role/AWSA*", "arn:${PARTITION}:iam::*:role/cdk-accel-*", "arn:${PARTITION}:iam::*:role/EC2-Default-SSM-AD-Role" ] } } } ] }
Thanks
from landing-zone-accelerator-on-aws.
Related Issues (20)
- Referring dynamic IP ranges allocated by IPAM to VPCs in the route tables HOT 1
- Change to guard duty check - Ensure aws config is enabled - now failing
- LZA Patch for GovCloud Feature Request HOT 1
- Default VPCs no deleted in GovCloud HOT 1
- Add support to tag network interfaces HOT 2
- GovCloud Upgrade issue v1.7.1 from v.1.6.2 HOT 1
- Management of (external) Transit Gateway Attachments HOT 1
- Safe to delete stack AWSAccelerator-LoggingStack-XXX ? HOT 1
- Pushing updates via specific stages only HOT 1
- OUs not deleted when removed from organization-config.yaml HOT 1
- LZA ControlTower redundant Logging Path Behavior HOT 1
- Security_Resources Stack fails when upgrade from 1.5.1 to 1.7.1 HOT 2
- Automate deletion of remaining stack instances and resources when a region is removed. HOT 1
- Logging stack fails upgrade from 1.4.3 to 1.7.1 HOT 2
- LZA creates some KMS keys with key rotation disabled HOT 4
- IAM Identity Center (ICC) (LZA v1.7.0+) fails to successfully create Management Account assignments - Failure message mentions missing iam:CreateSAMLProvider permission on the IIC Assignment Lambda IAM Role HOT 5
- "Unexpected end of JSON input" error in Diff stage HOT 1
- Accelerator Metadata Configuration resource name needs to be updated in documentation HOT 1
- Broken Links in TypeDocs HOT 1
- Required least privilege permissions to run LZA upgrades
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from landing-zone-accelerator-on-aws.