Closed adelmuharraqi closed 3 years ago
Are you using a unique Amazon S3 bucket name and is the bucket in the same region where you deploy the solution?
Yes, template uploaded in cloudformation (unique S3 bucket) in same region.
A few more questions:
Hi, I'm having the same error in eu-west-1
For this solution to work in cloudfront mode, you have to create stack in N.Virginia, and upload all your templates and lambda code in a bucket in n.Virginia as well.
Could you confirm the buckets you use to upload sources and CFN templates are in the same region as the stack you're creating ?
Try to create new stack by uploading template in me-south-1 region to view the error.
I have created and uploaded templates and codes in the same region as launched cloudformation stack in the same region, my case is eu-west-1
The reason for the error in me-south-1 region is because the solution isn't officially supported in this new region, but it is on our roadmap. For issue in eu-west-1, please answer these questions:
Hi @aijunpeng thanks for your reply.
The error screenshot:
Yes I'm using 3 buckets, 1 for global assets (CF) templates, 1 bucket for regional assets (dist), 1 bucket for AppAccessLogBucket, all newly created for this deployment; I have uploaded a dummy file into AppAccessLogBucket just in case, and all buckets are in eu-west-1 as CF deployment
deploying new stack
I have created 3 buckets as per 2nd point for this deployment, and not public buckets
Parameters and values: ActivateBadBotProtectionParam yes ActivateCrossSiteScriptingProtectionParam yes ActivateHttpFloodProtectionParam yes - AWS WAF rate based rule ActivateReputationListsProtectionParam yes ActivateScannersProbesProtectionParam yes - AWS Lambda log parser ActivateSqlInjectionProtectionParam. yes AppAccessLogBucket previously created bucket name EndpointType ALB ErrorThreshold 50 RequestThreshold 150 WAFBlockPeriod 240
Thanks for your response. It seems your have a different error and it complains about bucket not existing. Please make sure s3 bucket exists and the assets in bucket should be publicly accessible. You can also try launch the solution from the solution website: https://docs.aws.amazon.com/solutions/latest/aws-waf-security-automations/deployment.html
@ozcan-ozkaya Your issue is different and I suspect is related to the DIST variable mentioned here: https://github.com/awslabs/aws-waf-security-automations/issues/154
Added #154 to backlog
Error occurred while GetObject. S3 Error Code: IllegalLocationConstraintException. S3 Error Message: The unspecified location constraint is incompatible for the region specific endpoint this request was sent to. (Service: AWSLambdaInternal; Status Code: 400; Error Code: InvalidParameterValueException; Request ID: 995f16d2-cdbc-4e7b-a304-241c05f652e2)