search

aws-solutions / aws-control-tower-customizations

The Customizations for AWS Control Tower solution combines AWS Control Tower and other highly-available, trusted AWS services to help customers more quickly set up a secure, multi-account AWS environment using AWS best practices.
https://docs.aws.amazon.com/controltower/latest/userguide/cfct-overview.html
Apache License 2.0
354 stars 205 forks source link

CFT Download to verify with deployed CFT fails because of wrong S3 path #155

Closed rcalvachi closed 1 year ago

rcalvachi commented 1 year ago

Deploying a CFn template from a URL in the manifest succeeds. However, the next time CfCT runs, it tries to download the CFT from the URL to compare with the deployed CFT. It fails because the path is wrong, it has an extra amazonaws.

https://s3.amazonaws.amazonaws.com/<path>/<template>.yaml

It should be:

https://s3.amazonaws.com/<path>/<template>.yaml

NOTE: Using CfCT v2.5.2

image

The details in the manifest.yaml

  - name: CID-CUR-Destination
    resource_file: https://aws-managed-cost-intelligence-dashboards.s3.amazonaws.com/cfn/cur-aggregation.yaml
    deploy_method: stack_set
snebhu3 commented 1 year ago

@rcalvachi Thank you for reaching out. The expected format of resource_file in this case is https://bucket-name.s3.Region.amazonaws.com/key-name The resource_file url provided in the manifest.yaml is missing a Region potentially causing this error.

Please may you re-try with the updated URL format?

rcalvachi commented 1 year ago

Thank you. As you suggested, using the URL with a region worked. :-)

balltrev commented 1 year ago

Glad to hear it @rcalvachi!