aws-solutions-library-samples / guidance-for-sql-based-etl-with-apache-spark-on-amazon-eks

A guidance that provides declarative data processing capability, and workflow orchestration automation to help your business users (such as analysts and data scientists) access their data and create meaningful insights without the need for manual IT processes.
https://aws.amazon.com/solutions/implementations/sql-based-etl-with-apache-spark-on-amazon-eks/
MIT No Attribution
29 stars, 5 forks

Bucket used for flow logs cannot use KMS without a customer managed key #2

Closed rddefauw closed 1 year ago

rddefauw commented 2 years ago

Describe the bug

If you deploy the CDK stack, it fails because the bucket used for flow logs is using KMS but without a customer key. You can fix this by adding a CMK or switching to S3-managed encryption.

To Reproduce

Steps to reproduce the behavior

  1. Step One:
  2. Step Two:
  3. [...]

Expected Result

A clear and concise description of what you expected to happen.

Actual Result

A description of what is the result and/or error messages you got when you faced this issue.

Other information:

  1. Version of the Solution (e.g., v1.1.0):

    To get the version of the solution, you can look at the description of the created CloudFormation stack. For example, "(SO0027) AWS Serverless Bot Framework v1.2.0 - This AWS CloudFormation template helps you provision the AWS Serverless Bot Framework stack without worrying about creating and configuring the underlying AWS infrastructure". If the description does not contain the version information, you can look at the mappings section of the template:

    Mappings:
      Solution:
        Data:
          ID: SO0027
          Version: 'v1.2.0'

  2. Region where CloudFormation template is deployed (e.g., us-east-1):
  3. Did you make any change in the source code? If yes, what are the relevant changes (if publicly available)?:
  4. Troubleshooting steps attempted:
  5. Were there any errors in the CloudWatch logs?:
  6. Screenshots (please DO NOT include sensitive information):
  7. Did you use the Sample Weather Service (please DO NOT include API KEY) ? Yes / No

Stack Parameters

CloudFormation Stack Parameters (please DO NOT include sensitive information like S3 bucket name, IP address, credentials, etc):

  1. Bot Name:
  2. Bot Language:
  3. Bot Gender:

Additional context

Add any other context about the problem here.

melodyyangaws commented 1 year ago

KMS key is working. Added bucket object_ownership to fix S3 ACL issue.
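
The condition reported in this issue can be caught before deployment by checking the synthesized CloudFormation template. The following is an added example, not code from the repository or from either commenter; the logical IDs `FlowLogBucket`, `VpcFlowLog` and `FlowLogKey` and the sample templates are constructed for illustration.

```python
# Added example: flag flow-log destination buckets whose default encryption is
# aws:kms with no customer managed key (no KMSMasterKeyID on the rule).

def _target(ref):
    """Resolve {"Ref": X} or {"Fn::GetAtt": [X, "Arn"]} to the logical ID X."""
    if isinstance(ref, dict):
        if "Ref" in ref:
            return ref["Ref"]
        att = ref.get("Fn::GetAtt")
        if isinstance(att, list) and att:
            return att[0]
        if isinstance(att, str):
            return att.split(".")[0]
    return None

def flow_log_buckets_missing_cmk(template):
    """Return (flow_log_id, bucket_id) pairs that would hit the reported failure."""
    resources = template.get("Resources", {})
    findings = []
    for name, res in resources.items():
        props = res.get("Properties", {})
        if res.get("Type") != "AWS::EC2::FlowLog" or props.get("LogDestinationType") != "s3":
            continue
        bucket_id = _target(props.get("LogDestination"))
        bucket = resources.get(bucket_id, {})
        if bucket.get("Type") != "AWS::S3::Bucket":
            continue  # destination is an external ARN; cannot be checked here
        rules = (bucket.get("Properties", {}).get("BucketEncryption", {})
                 .get("ServerSideEncryptionConfiguration", []))
        for rule in rules:
            sse = rule.get("ServerSideEncryptionByDefault", {})
            if sse.get("SSEAlgorithm") == "aws:kms" and not sse.get("KMSMasterKeyID"):
                findings.append((name, bucket_id))
    return findings

def sample_template(sse):
    """Constructed minimal template: one flow log delivering to one bucket."""
    return {"Resources": {
        "FlowLogBucket": {"Type": "AWS::S3::Bucket", "Properties": {"BucketEncryption": {
            "ServerSideEncryptionConfiguration": [{"ServerSideEncryptionByDefault": sse}]}}},
        "VpcFlowLog": {"Type": "AWS::EC2::FlowLog", "Properties": {
            "LogDestinationType": "s3",
            "LogDestination": {"Fn::GetAtt": ["FlowLogBucket", "Arn"]}}}}}

if __name__ == "__main__":
    cmk = {"SSEAlgorithm": "aws:kms", "KMSMasterKeyID": {"Fn::GetAtt": ["FlowLogKey", "Arn"]}}
    for label, sse in [("kms, no key", {"SSEAlgorithm": "aws:kms"}),
                       ("kms with CMK", cmk), ("S3-managed", {"SSEAlgorithm": "AES256"})]:
        print(label, flow_log_buckets_missing_cmk(sample_template(sse)))
```

Run it against the JSON produced by `cdk synth` (loaded with `json.load`) to apply the same check to a real stack.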