search

awslabs / ssosync

Populate AWS SSO directly with your G Suite users and groups using either a CLI or AWS Lambda
Apache License 2.0
512 stars 175 forks source link

Error 404: Domain not found #184

Closed Manoj-Paramsetti closed 5 months ago

Manoj-Paramsetti commented 5 months ago

I attempted to deploy SSOSync from the serverless repository. I provided the service account as a Google Admin email along with its credentials. Additionally, I configured domain-wide delegation, but I still encounter a 404 error.

time="2024-03-23T02:21:30Z" level=info msg="Executing as Lambda"
START RequestId: f033a69f-8dba-46ea-8fb7-2174344f38f7 Version: $LATEST
{
  "level": "fatal",
  "msg": "Notifying Lambda and mark this execution as Failure: googleapi: Error 404: Domain not found., notFound",
  "time": "2024-03-23T02:21:31Z"
}
RequestId: f033a69f-8dba-46ea-8fb7-2174344f38f7 Error: Runtime exited with error: exit status 1
Runtime.ExitError
END RequestId: f033a69f-8dba-46ea-8fb7-2174344f38f7
REPORT RequestId: f033a69f-8dba-46ea-8fb7-2174344f38f7  Duration: 1309.89 ms    Billed Duration: 1422 ms    Memory Size: 128 MB Max Memory Used: 34 MB  Init Duration: 111.48 ms
ChrisPates commented 5 months ago

Message ID: @.***>This generally means the Google admin api, can’t find your workspace domain based on the mail domain part of the admin email address you supplied.

However, it could be other settings being slightly off. I would go back through the setup (on the Google side) and just double you didn’t miss anything. The lab in the AWS Control Tower workshop for this is very detailed.

AWS Control Tower Workshop catalog.workshops.aws

Manoj-Paramsetti commented 5 months ago

Thank you @ChrisPates, I was passing service account email as Admin Email address. It is working now. Sorry for any inconvenience.