F5Networks / f5-aws-cloudformation-v2

AWS Cloudformation Templates for quickly deploying BIG-IP services in AWS

Failover Existing Network Deployment Fails in GovCloud #27

Open bradotlin opened 1 year ago

bradotlin commented 1 year ago

Describe the bug

Deploying Failover Existing Network CFT in GovCloud fails

Expected behavior

Successful deployment

Current behavior

Deployment fails in the nested "Access" stack with the following event errors:

2022-11-20 15:48:14 UTC-0500 b-Access-**** CREATE_FAILED The following resource(s) failed to create: [BigIpHighAvailabilityAccessRole, LambdaAmiExecutionRole].
2022-11-20 15:48:13 UTC-0500 BigIpHighAvailabilityAccessRole CREATE_FAILED Policy statement must contain resources. (Service: AmazonIdentityManagement; Status Code: 400; Error Code: MalformedPolicyDocument; Request ID: ****; Proxy: null)
2022-11-20 15:48:12 UTC-0500 LambdaAmiExecutionRole CREATE_FAILED Partition "aws" is not valid for resource "arn:aws:logs:::*". (Service: AmazonIdentityManagement; Status Code: 400; Error Code: MalformedPolicyDocument; Request ID: ****; Proxy: null)

Possible solution

Steps to reproduce

Simply attempt to deploy the Failover existing network v2 CFT in GovCloud West.

Screenshots


Context

Your Environment

f5-applebaum commented 1 year ago

Thanks for reporting. Internal Issue# 3225 "Partition hardcoded. Should use template's internal var ${AWS::Partition}" has been created.
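
A pre-deployment check for the two IAM errors in the events above, as an added example that is not part of the issue or of the project's code. The template fragment is constructed: it reuses the role names and the `arn:aws:logs:::*` ARN from the log lines, and the empty `Resource` list is an assumed way to trigger "Policy statement must contain resources".

```python
import json
import re

# Literal partition in an ARN: "arn:aws:", "arn:aws-us-gov:", "arn:aws-cn:".
HARDCODED_ARN = re.compile(r"arn:aws(-[a-z-]+)?:")

# Constructed sample template (not the project's); role names reuse the issue's log lines.
SAMPLE = json.loads("""
{"Resources": {
  "LambdaAmiExecutionRole": {"Type": "AWS::IAM::Role", "Properties": {
    "AssumeRolePolicyDocument": {"Statement": [
      {"Effect": "Allow", "Principal": {"Service": "lambda.amazonaws.com"},
       "Action": "sts:AssumeRole"}]},
    "Policies": [{"PolicyName": "logs", "PolicyDocument": {"Statement": [
      {"Effect": "Allow", "Action": "logs:*", "Resource": "arn:aws:logs:::*"},
      {"Effect": "Allow", "Action": "logs:PutLogEvents",
       "Resource": {"Fn::Sub": "arn:${AWS::Partition}:logs:*:*:*"}}]}}]}},
  "BigIpHighAvailabilityAccessRole": {"Type": "AWS::IAM::Role", "Properties": {
    "Policies": [{"PolicyName": "ha", "PolicyDocument": {"Statement": [
      {"Effect": "Allow", "Action": "ec2:DescribeInstances", "Resource": []}]}}]}}
}}
""")

def find_policy_issues(node, path="$"):
    """Return (json_path, problem) pairs for partition and Resource defects."""
    issues = []
    if isinstance(node, str):
        if HARDCODED_ARN.search(node):
            issues.append((path, "hardcoded partition"))
    elif isinstance(node, list):
        for i, item in enumerate(node):
            issues += find_policy_issues(item, f"{path}[{i}]")
    elif isinstance(node, dict):
        # Identity-policy statement: has Effect and Action, no Principal
        # (trust policies carry Principal and legitimately omit Resource).
        if "Effect" in node and "Action" in node and "Principal" not in node:
            if not node.get("Resource") and not node.get("NotResource"):
                issues.append((path, "statement has no resources"))
        for key, value in node.items():
            issues += find_policy_issues(value, f"{path}.{key}")
    return issues

if __name__ == "__main__":
    for where, problem in find_policy_issues(SAMPLE):
        print(f"{problem}: {where}")
```

The statement written with `Fn::Sub` and `${AWS::Partition}` passes the check, because CloudFormation resolves that pseudo parameter to the partition of the region being deployed to.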