search

aws-samples / aws-cudos-framework-deployment

Command Line Interface tool for Cloud Intelligence Dashboards deployment
https://catalog.workshops.aws/awscid
MIT No Attribution
372 stars 138 forks source link

fix crawler permissions #822

Closed iakov-aws closed 3 weeks ago

iakov-aws commented 1 month ago

Issue #, if available:

Description of changes:

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

JoshiiSinfield commented 1 month ago

+1 hitting this. Crawler is failing as not got permissions to log out. Also had to incldue the s3:ListBucket as per this PR to fix it.

joseluis-fw commented 1 month ago

Yes, crawler is broken, missing permissions.

iakov-aws commented 1 month ago

@yprikhodko @esc1144 @vmindru please can you approve this? looks like we need to publish this fix asap.

iakov-aws commented 1 month ago

@joseluis-fw @JoshiiSinfield was it CFN or TF install where you saw the issue?

joseluis-fw commented 3 weeks ago

@iakov-aws I am using the terraform setup for the dashboard, but it's only a wrapper for that cloudformation template.

this is the snippet:

module "cid_dashboards" {
    source = "github.com/aws-samples/aws-cudos-framework-deployment//terraform-modules/cid-dashboards"

    stack_name      = "Cloud-Intelligence-Dashboards"
    template_bucket = aws_s3_bucket.this.id

    stack_parameters = {
      "CURBucketPath" = "s3://cid-${data.aws_caller_identity.current.account_id}-shared/cur/${var.aws_master_account_id}/cid-cur/cid-cur/"
      "PrerequisitesQuickSight"            = "yes"
      "PrerequisitesQuickSightPermissions" = "yes"
      "QuickSightUser"                     = "AWSReservedSSO_Admin_xxxx/wadus@tradus.com"
      "DeployCUDOSDashboard"               = "yes"
      "DeployCostIntelligenceDashboard"    = "yes"
      "DeployKPIDashboard"                 = "yes"
    }
}