Closed halberom closed 4 months ago
Thank you for reaching out. I followed your steps but was unable to reproduce the issue. I am able to successfully deploy the stack set to ap-southeast-2 using the template in the public solutions-reference
bucket.
This sounds like the target account may have insufficient permissions to deploy template from the public bucket. Could you please verify if you can manually deploy the spoke stack from the public template in the failing account?
You may also want to check if any service control policies for the org are causing you the access issues.
Thanks @aws-khargita - I think I understand what's happening. The https://s3 gets converted to a GetObject from e.g. arn:aws:s3::solutions-ap-southeast-2/instance-scheduler-on-aws/... Which I didn't have.
Describe the bug
Attempting to use any of the following URLs in a StackSet for the remote template results in an error
Object referenced by https://s3.amazonaws.com/solutions-reference/instance-scheduler-on-aws/latest/instance-scheduler-on-aws-remote.template is not accessible
If I download the template and upload it as a StackSet template file, it works. Similarly if I deploy it via a CloudFormation Stack to a local account it also works. It looks like it might be a permission issue where CloudFormation StackSets aren't allowed to access it.
To Reproduce
It will fail with
Object referenced by https://s3.amazonaws.com/solutions-reference/instance-scheduler-on-aws/latest/instance-scheduler-on-aws-remote.template is not accessible
Expected behavior
No error
Please complete the following information about the solution:
To get the version of the solution, you can look at the description of the created CloudFormation stack. For example, "(SO0030) instance-scheduler-on-aws v1.5.1". You can also find the version from releases
Screenshots If applicable, add screenshots to help explain your problem (please DO NOT include sensitive information).
Additional context Add any other context about the problem here.