There are two errors preventing the deployment of the network stack:
│ Error: creating Flow Log (vpc-03c15635e92c5cc01): InvalidParameter: DeliverLogsPermissionArn is not applicable for s3 delivery
│ status code: 400, request id: c576299b-5c18-4113-86f5-41a74ca5423f
│
│ with aws_flow_log.primary_s3,
│ on vpc.tf line 31, in resource "aws_flow_log" "primary_s3":
│ 31: resource "aws_flow_log" "primary_s3" {
│
│ Error: creating Flow Log (vpc-03c15635e92c5cc01): UnauthorizedOperation: You are not authorized to perform this operation. User: arn:aws:sts::112233445566:assumed-role/spacelift-stacks/***@network@jhatler is not authorized to perform: iam:PassRole on resource: ***** because no identity-based policy allows the iam:PassRole action.
...
│
│ with aws_flow_log.primary_cloudwatch,
│ on vpc.tf line 24, in resource "aws_flow_log" "primary_cloudwatch":
│ 24: resource "aws_flow_log" "primary_cloudwatch" {
│
There are two errors preventing the deployment of the network stack: