Closed jasoncao99 closed 6 months ago
In the Build and Deploy section of the README, it is noted that the template bucket should have the "-reference" suffix.
Build and Deploy
AWS Solutions use two buckets: a bucket for global access to templates, which is accessed via HTTPS, and regional buckets for access to assets within the region, such as Lambda code. You will need:
One global bucket that is access via the http end point. AWS CloudFormation templates are stored here. It must end with "-reference. Ex. "mybucket-reference"
One regional bucket for each region where you plan to deploy using the name of the global bucket as the root, and suffixed with the region name. Ex. "mybucket-us-east-1"
Your buckets should be encrypted and disallow public access
Note: When creating your buckets, ensure they are not publicly accessible. Use random bucket names. Disable public access. Use KMS encryption. And verify bucket ownership before uploading.
https://github.com/aws-solutions/automated-security-response-on-aws/blob/5244c64437f7eeaf77790b6bd95e60a8087eda82/source/lib/common-orchestrator-construct.ts#L532C6-L532C20
This line was causing errors when I was deploying ASR into my organization. Not sure why "-reference" is appended to the bucket name. Worked when I removed it.