sbkok
commented
8 months ago I moved this change to a larger PR with related changes to ADF's use of SSM Parameter Store. Closing this one, as #695 supersedes it.
Closed sbkok closed 8 months ago
sbkok
commented
8 months ago I moved this change to a larger PR with related changes to ADF's use of SSM Parameter Store. Closing this one, as #695 supersedes it.
Why?
Issues: #659 and #594.
When installing ADF the first time, the global IAM bootstrap stack that gets deployed is sourced from the
adf-bootstrap/global-iam.yml.The reason for this behaviour is the absence of the
global-iam.ymlfile in the deployment OU bootstrap folder (adf-bootstrap/deployment/global-iam.yml).It iterates to the parent directory until it finds a
global-iam.ymlto deploy. Hence, when theadf-bootstrap/global-iam.ymlgets deployed in the deployment account, it was looking for thedeployment_account_idSSM parameter. That did not get deployed in the deployment account.What?
deployment_account_idin the deployment account, so if the global IAM bootstrap stack failed to deploy before, it will work in the next release. This would be the case if the previous deployment failed but the sameaws-deployment-framework-bootstraprepository is used in the upgrade.adf-bootstrap/deployment/example-global-iam.ymltoadf-bootstrap/deployment/global-iam.yml. The same logic as how ADF creates the initialadf-bootstrap/global-iam.yml.By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.