Closed costal closed 2 months ago
@costal Did you ever figure out the issue here? I have run into the same issue and have begun to look into it. As you indicated, I'm thinking the permissions issue arises from the state bucket begin created in the wrong account.
Subject of the issue
Org-formation init-pipeline action results in an access denied error when using a build-account id. This error stems from s3 interaction.
Your environment
Steps to reproduce
I have a console created organization, with console created accounts.
I make initial tests with
org-formation init organization.yml
andorg-formation init-pipeline organization.yml
with no issues at all. However, attempting to useorg-formation init-pipeline [organization.yml] [--region us-east-1] build-account-id XXXXXX
results in what appears to be a permission error.Expected behaviour
Actual behaviour
In all cases an organization-formation-XXXXX bucket is created in the management account. My impression is that the build account would carry the build files.