The AWS Secure Environment Accelerator is a tool designed to help deploy and operate secure multi-account, multi-region AWS environments on an ongoing basis. The power of the solution is the configuration file which enables the completely automated deployment of customizable architectures within AWS without changing a single line of code.
Apache License 2.0
725
stars
233
forks
source link
[BUG] [SM] State Machine has failed while upgrading ASEA env from 1.5.7-b to 1.5.8-d #1217
Bug reports which fail to provide the required information will be closed without action.
Required Basic Info
Accelerator Version: v1.5.8-d
Install Type: Upgrade
Upgrade from version: v1.5.7-b
Which State did the Main State Machine Fail in: Deploy Phase -1
Describe the bug
The AWS secure environment accelerator upgrade is failing from 1.5.7-b to 1.5.8-d while running state machine due to account key in config file has '_' underscore in its name. The underscore is in the config file for an account that was actually added to the config by the state machine itself when we migrated the account into org.
Failure Info
What error messages have you identified, if any:
Error in cloud watch logs:
Error: Stack name must match the regular expression: /^[A-Za-z][A-Za-z0-9-]*$/, got 'XXX-XXXXXLabs673_6D8D13-Phase-1'
[Container] 2024/02/22 14:29:12.931155 Phase context status code: COMMAND_EXECUTION_ERROR Message: Error while executing command: sh docker-entrypoint.sh. Reason: exit status 1
[Container] 2024/02/22 14:29:12.979390 Phase context status code: COMMAND_EXECUTION_ERROR Message: Error while executing command: if [ $buildComplete = "complete" ]; then echo "Build Finished"; else echo "Build did not finish. please review logs for errors!" && exit 1; fi. Reason: exit status 1
What symptoms have you identified, if any:
The cloud formation stack which is getting created in member account as part of code build for ASEA upgrade is having the same name as "account key" in config file. And because it has underscore in its name the cloud formation stack is not getting created.
Config file section for the member account for which the state machine is failing:
"XXXXLabs67_3-6D8D13": {
"account-name": "XXXX Labs 67-3",
"email": "awsroot+workflow01@XXXX-XXXX.com",
"ou": "Transitional",
"ou-path": "Transitional",
"src-filename": "config.json"
},
Required files
Please provide a copy of your config.json file (sanitize if required)
Config file section for the member account for which the state machine is failing:
If a CodeBuild step failed- please provide the full CodeBuild Log
given above
If a Lambda step failed - please provide the full Lambda CloudWatch Log
NA
In many cases it would be helpful if you went into the failed sub-account and region, CloudFormation, and provided a screenshot of the Events section of the failed, deleted, or rolled back stack including the last successful item, including the first couple of error messages (bottom up)
NA
Steps To Reproduce
Keep underscore in account key in config.json file.
run ASEA upgrade as steps given in upgrade document which will trigger the state machine
State machine has failed
Expected behavior
The State machine should complete without any error.
Screenshots
If applicable, add screenshots to help explain your problem.
Additional context
Add any other context about the problem here.
Bug reports which fail to provide the required information will be closed without action.
Required Basic Info
Describe the bug The AWS secure environment accelerator upgrade is failing from 1.5.7-b to 1.5.8-d while running state machine due to account key in config file has '_' underscore in its name. The underscore is in the config file for an account that was actually added to the config by the state machine itself when we migrated the account into org.
Failure Info
What error messages have you identified, if any: Error in cloud watch logs: Error: Stack name must match the regular expression: /^[A-Za-z][A-Za-z0-9-]*$/, got 'XXX-XXXXXLabs673_6D8D13-Phase-1' [Container] 2024/02/22 14:29:12.931155 Phase context status code: COMMAND_EXECUTION_ERROR Message: Error while executing command: sh docker-entrypoint.sh. Reason: exit status 1 [Container] 2024/02/22 14:29:12.979390 Phase context status code: COMMAND_EXECUTION_ERROR Message: Error while executing command: if [ $buildComplete = "complete" ]; then echo "Build Finished"; else echo "Build did not finish. please review logs for errors!" && exit 1; fi. Reason: exit status 1
What symptoms have you identified, if any: The cloud formation stack which is getting created in member account as part of code build for ASEA upgrade is having the same name as "account key" in config file. And because it has underscore in its name the cloud formation stack is not getting created. Config file section for the member account for which the state machine is failing: "XXXXLabs67_3-6D8D13": { "account-name": "XXXX Labs 67-3", "email": "awsroot+workflow01@XXXX-XXXX.com", "ou": "Transitional", "ou-path": "Transitional", "src-filename": "config.json" },
Required files
Please provide a copy of your config.json file (sanitize if required) Config file section for the member account for which the state machine is failing:
"XXXXLabs67_3-6D8D13": { "account-name": "XXXX Labs 67-3", "email": "awsroot+workflow01@XXXX-XXXX.com", "ou": "Transitional", "ou-path": "Transitional", "src-filename": "config.json" },
If a CodeBuild step failed- please provide the full CodeBuild Log given above
If a Lambda step failed - please provide the full Lambda CloudWatch Log NA
In many cases it would be helpful if you went into the failed sub-account and region, CloudFormation, and provided a screenshot of the Events section of the failed, deleted, or rolled back stack including the last successful item, including the first couple of error messages (bottom up) NA Steps To Reproduce
Expected behavior The State machine should complete without any error.
Screenshots If applicable, add screenshots to help explain your problem.
Additional context Add any other context about the problem here.