Comments (6)
Hello @atfurman thanks for providing additional context. The errors you are seeing are related to the LZA detecting an invalid configuration. Can you please take a look at the AWS Best Practice configuration and the typedoc to check the config?
Also, our team is aware that the error messages related to configuration are not helpful, and we have a fix slated for the upcoming release to address the issue.
For more context, I was able validate that the security configuration block provided above is syntactically correct, so the issue may be related to a different config file. Can you check the diff of the configuration changes you've made to see where a configuration problem may have occurred?
from landing-zone-accelerator-on-aws.
Hello @atfurman thanks for providing additional context. The errors you are seeing are related to the LZA detecting an invalid configuration. Can you please take a look at the AWS Best Practice configuration and the typedoc to check the config?
Also, our team is aware that the error messages related to configuration are not helpful, and we have a fix slated for the upcoming release to address the issue.
For more context, I was able validate that the security configuration block provided above is syntactically correct, so the issue may be related to a different config file. Can you check the diff of the configuration changes you've made to see where a configuration problem may have occurred?
Hi @hickeydh-aws the two samples provided above are the only variables in play. The solution deployed without issue on the first config, and failed as described with the second config. Oddly enough, the second config works without issue in us-gov-west-1
.
Due to the logging being rather lacking in detail, it took something between 8 and 10 runs to isolate this specific setting as the source of the error.
from landing-zone-accelerator-on-aws.
@atfurman did you find the solution to this issue? I'm currently having the same issue. I'm on LZA 1.2. Did you happen to work with support to find a resolution to this? Really curious why this suddenly stopped worked. I haven't tested doing what you said you did with the security file.
from landing-zone-accelerator-on-aws.
@MitoMills this is for LZA 1.3 so I cannot speak to 1.2. Unfortunately the only solution I have found thus far is to set
s3PublicAccessBlock:
enable: false
and accomplish that through other means than LZA. I am hopeful that the error messages in version 1.3.1 will be more helpful in isolating the actual source of this failure.
from landing-zone-accelerator-on-aws.
Hello @atfurman,
I just wanted to follow up on this issue. I cannot reproduce the issue on my end using v1.3.0 code. I have both us-east-1 and us-west-2 enabled in my configuration, as well as s3PublicAccessBlock
enabled. I also tested against our latest code and synthesis is successful.
Have you had an opportunity to run your configuration through our latest code (v1.3.2)? Please let us know if there are any additional errors we can help troubleshoot in regards to this issue.
from landing-zone-accelerator-on-aws.
Hello,
We will be marking this issue closed due to no response, but if you continue seeing this error please feel free to re-open or open a new issue. Thanks!
from landing-zone-accelerator-on-aws.
Related Issues (20)
- GovCloud Upgrade issue v1.7.1 from v.1.6.2 HOT 1
- Management of (external) Transit Gateway Attachments HOT 1
- Safe to delete stack AWSAccelerator-LoggingStack-XXX ? HOT 1
- Pushing updates via specific stages only HOT 1
- OUs not deleted when removed from organization-config.yaml HOT 1
- LZA ControlTower redundant Logging Path Behavior HOT 1
- Security_Resources Stack fails when upgrade from 1.5.1 to 1.7.1 HOT 2
- Automate deletion of remaining stack instances and resources when a region is removed. HOT 1
- Logging stack fails upgrade from 1.4.3 to 1.7.1 HOT 2
- LZA creates some KMS keys with key rotation disabled HOT 4
- IAM Identity Center (ICC) (LZA v1.7.0+) fails to successfully create Management Account assignments - Failure message mentions missing iam:CreateSAMLProvider permission on the IIC Assignment Lambda IAM Role HOT 5
- "Unexpected end of JSON input" error in Diff stage HOT 1
- Accelerator Metadata Configuration resource name needs to be updated in documentation HOT 1
- Broken Links in TypeDocs HOT 1
- Required least privilege permissions to run LZA upgrades
- v1.8.0 Diff stage error "find: ‘./cdk.out’: No such file or directory" HOT 1
- Feature to tag roles HOT 1
- CDK Fails to deploy Customizations using Global Replacements Syntax (v1.7.1) HOT 1
- Build version failing if not using the latest version HOT 2
- Add support for Security Hub centralized configuration HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from landing-zone-accelerator-on-aws.