MikeGrande
commented
8 months ago I had asked the same thing and per a week ago was told(by AWS) because of conflicts on resources its one PCA deployment per account.
Open hyde-mattholgate opened 8 months ago
MikeGrande
commented
8 months ago I had asked the same thing and per a week ago was told(by AWS) because of conflicts on resources its one PCA deployment per account.
chrislott
commented
8 months ago Thanks both - we have put this on the roadmap for an upcoming release.
hyde-mattholgate
commented
8 months ago Thanks both for the replies.
Chris would it be possible to tell me the exact resources used in the CloudFormation stacks that have the conflicts? We are looking to see if we can get multiple instances working ourselves by amending the CloudFormation.
chrislott
commented
8 months ago It is all the ssm parameters found in the pca-ssm/cfn template. The issue is they have hardcoded names.
The way I plan on fixing this is by passing the name of the main stack to this nested stack, and prepending the stack name to the parameter names. This will guarantee a unique parameter store name.
I will also pass the main stack name to all the nested stacks and Lambda functions that read from those parameters, so they can find the correct parameter for their PCA application.
If you are able to get to it, we would love a pull request! 😀
hyde-mattholgate
commented
8 months ago Hi @chrislott I have submitted an initial PR to create a parameter for the main stack name and to preprend this stack name to the first resource in ssm.template
Please could you review and let me know if this is along the correct lines for what you meant and if so I can amend all the SSM parameters and look at passing the name to the nested stacks and Lambdas. This is one of my first times writing CloudFormation (more of a Terraform person ...) so my syntax might be slightly off, for example for the new resource name in the SSM template I was not sure about the quotation marks: Name: !Sub "'${MainStackName}'-BulkUploadBucket"
Also - do you know which lambdas will need the MainStackName parameter passing to them or do you know an easy way of finding out?
Thanks
chrislott
commented
6 months ago Hi @hyde-mattholgate ,
Happy new year! Just reviewed the PR, and this is exactly what I would do. The next step is to make sure all the Lambda functions also have the main stack name as an env variable, and that the code is modified to read the specific parameter for that stack. If you're able to add this to your PR, I will accept and merge it in. If not, no worries, as this is one of our priorities for an upcoming release.
Chris
akashbhandari999
commented
1 week ago Hi @chrislott Is there any update on this?
Is it possible to deploy multiple instances of the PCA CloudFormation stack in one account? We are currently getting CloudFormation deploy errors when trying to deploy a second instance of the CloudFormation stack in an account. Both instances have Kendra enabled which might be causing the issue.