Closed arshikam closed 1 year ago
I think https://github.com/aws-solutions/aws-waf-security-automations/pull/254 provides a solution to be able to deploy to a region without AppRegistry.
Obviously AppRegistry cannot be used for monitoring in such a case.
The out-of-box solution is not supported in il-central-1 region. You can try to customize the source code, build and upload assets to s3, following https://github.com/aws-solutions/aws-waf-security-automations/blob/main/README.md.
This is a duplicate of an internal ticket. Close this ticket.
Looks like this is a duplicate of issue #256. Closing.
Describe the bug Solution is not deploying in il-central-1 region.
To Reproduce Try to deploy the stack in il-central-1 region:
https://docs.aws.amazon.com/solutions/latest/security-automations-for-aws-waf/step-1.-launch-the-stack.html
Expected behavior It should deploy in the il-central-1 region.
Please complete the following information about the solution:
To get the version of the solution, you can look at the description of the created CloudFormation stack. For example, "Security Automations for AWS WAF v3.1: This AWS CloudFormation template helps you provision the Security Automations for AWS WAF stack without worrying about creating and configuring the underlying AWS infrastructure". If the description does not contain the version information, you can look at the mappings section of the template:
Screenshots If applicable, add screenshots to help explain your problem (please DO NOT include sensitive information).
Additional context
When trying to deploy the below solution in il-central-1 region: https://docs.aws.amazon.com/solutions/latest/security-automations-for-aws-waf/step-1.-launch-the-stack.html
Getting below error:
Error 1:
There was an error creating this change set Template format error: Unrecognized resource types: [AWS::ServiceCatalogAppRegistry::AttributeGroup, AWS::ServiceCatalogAppRegistry::Application, AWS::ServiceCatalogAppRegistry::AttributeGroupAssociation, AWS::ServiceCatalogAppRegistry::ResourceAssociation]
Now I found a document where it says that 'ServiceCatalogAppRegistry' is not supported for il-central-1 region but it is not a official document.
https://www.aws-services.info/servicecatalog-appregistry.html
The same stack is getting deployed successfully in us-east-1 region.
Tried to remove the dependancy for 'ServiceCatalogAppRegistry' resource from the template and deployed the stack. This time it failed with below error:
Resource handler returned message: "Error occurred while GetObject. S3 Error Code: IllegalLocationConstraintException. S3 Error Message: The unspecified location constraint is incompatible for the region specific endpoint this request was sent to. (Service: Lambda, Status Code: 400, Request ID: )" (RequestToken: , HandlerErrorCode: InvalidRequest)
Please guide on this as to how we can proceed and deploy the solution in il-central-1 region