Closed PastafarianPirate closed 2 years ago
Chased it down to : API: ec2:RunInstances Not authorized for images: [ami-0db153619de617953]
This issue has been resolved in PR #19, but the Quick Start still does not fully work - it would fail at the VDA creation step because the VDA setup file URL in code has been restricted access: https://s3.us-east-2.amazonaws.com/ctxs-vda-installer/vda/VDAServerSetup_1903.exe.
Thus we haven't been able to push the templates through our CI to get it republished. I'm working with Citrix to get it resolved.
A temporary workaround is to run the Quick Start from your own bucket using the code in develop branch, with the following modifications.
source: https://s3.us-east-2.amazonaws.com/ctxs-vda-installer/vda/VDAServerSetup_1903.exe
to match the bucket path you uploaded the file to. For example,
source: https://s3.<bucket-region>.amazonaws.com/<bucket-name>/<path>/VDAServerSetup_1903.exe
s3://${QSS3BucketName}/${QSS3KeyPrefix}installer/VDAServerSetup.exe:
c:\cfn\scripts\VDAServerSetup.exe:
source:
!Sub
- 'https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QSS3KeyPrefix}installer/VDAServerSetup.exe'
- S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref QSS3BucketRegion]
S3Bucket: !If [UsingDefaultBucket, !Sub '${QSS3BucketName}-${AWS::Region}', !Ref QSS3BucketName]
authentication: S3AccessCreds
You can simplify it as well to not use the conditional substitutions, by hardcoding the Region of the bucket, e.g. assuming it is us-east-1
c:\cfn\scripts\VDAServerSetup.exe:
source:
!Sub https://${QSS3BucketName}.s3.us-east-1.${AWS::URLSuffix}/${QSS3KeyPrefix}installer/VDAServerSetup.exe
authentication: S3AccessCreds
I can also solve this by adding a new parameter: CitrixVDAServerSetupFileLocation
that you can pass a value to, but I'm trying to avoid that extra work if we can restore the past behavior.
Perfect! Thank you. How can i change the managed AD from Enterprise to Standard.
THANK YOU!
Sorry to be daft here, but have this done.
Uploaded the exe to a public bucket Edited the code to reference the public bucket
Now how do I use this?
No worries, feel free to contact me on LinkedIn (details in profile) if you'd like to arrange a meeting.
The short gist is that you would use the Template URL from your bucket when launching the stack in CloudFormation, i.e. instead of the default one: https://s3.amazonaws.com/aws-quickstart/quickstart-citrix-virtualapps-service/templates/citrix-virtualapps-service-master.yaml, use
Perfect! Thank you. How can i change the managed AD from Enterprise to Standard.
We didn't expose the parameter in the Citrix Quick Start, but the nested AD Quick Start does support that. So to switch to Standard, you can update the citrix-virtualapps-service-master.yaml
template and pass it to ADStack
. i.e. add a new parameter: ADEdition: Standard
in this section when invoking the nested ADStack
: https://github.com/aws-quickstart/quickstart-citrix-virtualapps-service/blob/80767f1ef72812e5e9f93f8060f8186c001f8ac0/templates/citrix-virtualapps-service-master.yaml#L366-L382
Vinod,
I have made the changes you suggested, but now get: Embedded stack arn:aws:cloudformation:us-east-2:522596926697:stack/Citrix-Virtual-Apps-CitrixResourceLocationStack-1UH42THFUTJ8T/9f2fef00-f428-11eb-bfa0-021d769ca334 was not successfully created: The following resource(s) failed to create: [CitrixCloudConnectors].
Raj Croager MARJEN Technology Group LLC Phone:+1 817.471.1238 Email: @. Web: www.marjentech.com Address:559 Silicon Dr. Ste 101 Southlake, TX 76092 This email and any files transmitted with it are confidential and intended solely for the use of the individual(s) to whom they are addressed. Information contained herein may be privileged or otherwise protected by copyright, work product immunity, or other legal statutes. If you are not the intended recipient you are hereby notified that copying, distributing, disclosing, or otherwise disseminating the content in any way is strictly prohibited. Views or opinions presented in this email are solely those of the author and do not necessarily represent those of the company. From: Vinod Shukla @.> Sent: Friday, July 23, 2021 2:37 PM To: aws-quickstart/quickstart-citrix-virtualapps-service @.> Cc: Raj Croager @.>; Author @.***> Subject: Re: [aws-quickstart/quickstart-citrix-virtualapps-service] QS failes at Connector Creation (#20)
[ CAUTION: This email originated from outside of the organization. Do not follow guidance, click links, or open attachments unless you recognize the sender and know the content is safe.]
Perfect! Thank you. How can i change the managed AD from Enterprise to Standard.
We didn't expose the parameter in the Citrix Quick Start, but the nested AD Quick Start does support that. So to switch to Standard, you can update the citrix-virtualapps-service-master.yaml template and pass it to ADStack. i.e. add a new parameter: ADEdition: Standard in this section when invoking the nested ADStack: https://github.com/aws-quickstart/quickstart-citrix-virtualapps-service/blob/80767f1ef72812e5e9f93f8060f8186c001f8ac0/templates/citrix-virtualapps-service-master.yaml#L366-L382https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_aws-2Dquickstart_quickstart-2Dcitrix-2Dvirtualapps-2Dservice_blob_80767f1ef72812e5e9f93f8060f8186c001f8ac0_templates_citrix-2Dvirtualapps-2Dservice-2Dmaster.yaml-23L366-2DL382&d=DwQCaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=vivnF-GxMYckwhv66hwf3N2Hom4sSUmYFYqGZ_HRwo0&m=tbVeyO1dMJG6tm5f9yqBIRHew_7VGUCJiUHWvRDgrM8&s=sDOzJOU5ffQM5BRPmI0NDy8hz2gt-XvbzHS9bpUgwQ8&e=
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_aws-2Dquickstart_quickstart-2Dcitrix-2Dvirtualapps-2Dservice_issues_20-23issuecomment-2D885871436&d=DwMCaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=vivnF-GxMYckwhv66hwf3N2Hom4sSUmYFYqGZ_HRwo0&m=tbVeyO1dMJG6tm5f9yqBIRHew_7VGUCJiUHWvRDgrM8&s=WBQLJG-p1wcm7stMoLHb5D-syQYKMfQrdjgtH4hNbt8&e=, or unsubscribehttps://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_notifications_unsubscribe-2Dauth_ALTZB5TUFYT7MGOX474DPZLTZHAEPANCNFSM5A4JGYCQ&d=DwMCaQ&c=euGZstcaTDllvimEN8b7jXrwqOf-v5A_CdpgnVfiiMM&r=vivnF-GxMYckwhv66hwf3N2Hom4sSUmYFYqGZ_HRwo0&m=tbVeyO1dMJG6tm5f9yqBIRHew_7VGUCJiUHWvRDgrM8&s=w0FMTYU8uIUZKsqlwG_GEt3CBVBYPq5Sp1i_TkmTuk0&e=.
This email has been scanned for spam and viruses by Proofpoint Essentials. Click herehttps://us3.proofpointessentials.com/index01.php?mod_id=11&mod_option=logitem&mail_id=1627069004-uktdXT7DVre1&r_address=rcroager%40marjentech.com&report=1 to report this email as spam.
This is resolved in #27
Getting the following: Embedded stack arn:aws:cloudformation:us-east-2:117793589184:stack/Citrix-Virtual-Apps-CitrixResourceLocationStack-1BGIHCBTSORE3/52f97590-ebcf-11eb-8285-02c1f8d20b10 was not successfully created: The following resource(s) failed to create: [CitrixCloudConnectors]
Also, and not an issue so much as a question. Is there a way to change the AD type from Ent to Std?