The AWS Secure Environment Accelerator is a tool designed to help deploy and operate secure multi-account, multi-region AWS environments on an ongoing basis. The power of the solution is the configuration file which enables the completely automated deployment of customizable architectures within AWS without changing a single line of code.
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
This fixes the S3 API cross-region call when trying to provision 3rd party firewalls that use a configuration file. If the 3rd party firewalls are being deployed in ca-west-1, but the configuration files are in ca-central-1 (home region) this error will be encountered: Error: Unable to get S3 object s3://asea-management-phase0-configcacentral1-1g9ucir5s5ry0/firewall/firewall-example-A-A-multitunnel.txt: IllegalLocationConstraintException: The ca-central-1 location constraint is incompatible for the region specific endpoint this request was sent to.
The fix below uses the config bucket's home region as a parameter to the locationconstraint in the S3 API.
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
This fixes the S3 API cross-region call when trying to provision 3rd party firewalls that use a configuration file. If the 3rd party firewalls are being deployed in ca-west-1, but the configuration files are in ca-central-1 (home region) this error will be encountered:
Error: Unable to get S3 object s3://asea-management-phase0-configcacentral1-1g9ucir5s5ry0/firewall/firewall-example-A-A-multitunnel.txt: IllegalLocationConstraintException: The ca-central-1 location constraint is incompatible for the region specific endpoint this request was sent to.
The fix below uses the config bucket's home region as a parameter to the locationconstraint in the S3 API.