Open Geemanthi opened 2 months ago
Are you passing a region flag on the cli or specifying regions in the accounts file? Ie don’t see a region being passed on cli and me is not a not a default execution region
If your explicitly specifying run a region in the accounts config file for a given account, stopping due to error is the correct thing for us to do as it’s a misconfiguratiom from the user intent.
I have specified the regions in accounts.yml as follows. Policy executions work fine in ap-south-1 and ap-southeast-1 regions. But, it gives that AuthFailure error when it comes to me-central-1 region only.
Also, I tried out -r flag in c7n-org command and still it gives error for middle east region. I am using AWS IAM user to authenticate with AWS account and AWS_DEFAULT_REGION has been set to ap-south-1.
accounts:
- account_id: 'accountid'
name: accountname
regions:
- ap-south-1
- me-central-1
- ap-southeast-1
role: arn:aws:iam::accountid:role/GMACloudcustodian
Describe the bug
Hi,
I'm using ap-south-1 region as my AWS_DEFAULT_REGION and have added me-central-1 region in accounts.yml as another region for the policy executions. I'm running the following commands using some variables.
c7n-org run -c accounts.yml -s "$report_path" -u $policy_path --debug c7n-org report -c accounts.yml -u $policy_path -s "$report_path" -f "$report_path/report.csv" --format csv
It works, if I change AWS_DEFAULT_REGION variable to me-central-1. But I cannot do this change since some of my AWS accounts haven't been enabled that region. Can you give me a solution to fix this AuthFailure issue?
What did you expect to happen?
I expect to solve this AuthFailure issue in me-central-1 region and executions of the policies when I included in accounts.yml.
Cloud Provider
Amazon Web Services (AWS)
Cloud Custodian version and dependency information
Policy
Relevant log/traceback output
No response
Extra information or context
No response