awslabs / aws-deployment-framework

The AWS Deployment Framework (ADF) is an extensive and flexible framework to manage and deploy resources across multiple AWS accounts and regions based on AWS Organizations.
Apache License 2.0

adf-bootstrap code pipeline fails in management account #741

Open jdhakar1995 opened 1 month ago

jdhakar1995 commented 1 month ago

Dear @sbkok and Team,

We are currently using ADF version 3.2.0 in our dev, qa and prod AWS organizations. The aws-deployment-framework-bootstrap-pipeline in the prod org management account is failing with the below error:

image

Is this error related to the number of accounts we have in AWS Organizations? We do not get this error in the dev and qa orgs, which do not have too many accounts. As per #518, the issue is already resolved in v3.2.0, but as per #659, the issue is resolved in v4.0.0.

Please let me know what's the root cause of this issue and how to get it fixed. Also, please let me know if you need more details.

Thanks, Jitendra

sbkok commented 2 weeks ago

Hi @jdhakar1995,

Thanks for reaching out. The problem is with one of the accounts: it does not yet have the deployment_account_id SSM parameter in that specific account in the main deployment region. The root cause of this issue is the bootstrapping of the account: in v3.2.0, the deployment_account_id parameter was added as part of the bootstrap stack. However, due to a bug, the parameter was not created in some cases.

As you pointed out, this is fixed in our latest release. Hence, upgrading to v4.0.0 will fix this problem. I strongly recommend upgrading ASAP, considering the security fixes it includes.

If that is not an option just yet, you could create the deployment_account_id parameter in that specific account manually for the time being.
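
One way to script the manual workaround described above, as an added example that is not part of the thread or of ADF's own code: it checks for the `deployment_account_id` parameter, creates it only when it is absent, and reports rather than overwrites a value that differs. Assumptions: the function name is hypothetical, the parameter is a plain `String` parameter, and the credentials in use belong to the affected account.

```python
import re
import sys

PARAM_NAME = "deployment_account_id"  # parameter name as given in the thread


def ensure_deployment_account_id(ssm, deployment_account_id, dry_run=True):
    """Return 'present', 'mismatch', 'missing' or 'created'.

    ssm is a boto3 SSM client for the affected account, created for the
    main deployment region. An existing value is never overwritten, so a
    parameter that points at a different account is surfaced for review.
    """
    # AWS account IDs are always 12 digits; reject typos before writing.
    if not re.fullmatch(r"\d{12}", deployment_account_id):
        raise ValueError("deployment account id must be 12 digits")
    try:
        current = ssm.get_parameter(Name=PARAM_NAME)["Parameter"]["Value"]
    except ssm.exceptions.ParameterNotFound:
        if dry_run:
            return "missing"
        ssm.put_parameter(
            Name=PARAM_NAME,
            Value=deployment_account_id,
            Type="String",      # assumption: plain String parameter
            Overwrite=False,    # fail instead of replacing a racing write
        )
        return "created"
    return "present" if current == deployment_account_id else "mismatch"


if __name__ == "__main__":
    # boto3 is imported here so the function can be exercised without AWS access.
    import boto3

    # Usage: script.py <deployment-account-id> <main-deployment-region> [--apply]
    account_id, region = sys.argv[1], sys.argv[2]
    client = boto3.client("ssm", region_name=region)
    apply_change = "--apply" in sys.argv
    print(ensure_deployment_account_id(client, account_id, dry_run=not apply_change))
```

Without `--apply` the script only reports the state, which makes it safe to run across every account first to find the one that is missing the parameter.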