Skip to content
This repository has been archived by the owner on Dec 9, 2024. It is now read-only.

CloudFormation deployment fails in me-central-1 region due to missing S3 assets. #114

Open
sriharshakns opened this issue Apr 12, 2024 · 0 comments
Open

CloudFormation deployment fails in me-central-1 region due to missing S3 assets. #114

sriharshakns opened this issue Apr 12, 2024 · 0 comments
Assignees
@troy-ameigh

Comments

@sriharshakns
Copy link

Hello team,

I have used the latest linux-bastion-entrypoint-existing-vpc.template.yaml template for a test in a new AWS account with default VPC and subnets in "me-central-1" region.

The following errors could be observed on running "cat /var/log/cloud-init-output.log" in the EC2 instance launched by ASG.

Error:

+ aws s3 cp --no-progress --region me-central-1 s3://aws-ia-me-central-1/cfn-ps-linux-bastion/scripts/cfn-tools.sh .
fatal error: An error occurred (403) when calling the HeadObject operation: Forbidden
+ echo Retrying...
Retrying...
+ aws s3 cp --no-progress --region me-central-1 s3://aws-ia-me-central-1/cfn-ps-linux-bastion/scripts/cfn-tools.sh .
fatal error: An error occurred (403) when calling the HeadObject operation: Forbidden
+ echo Retrying...

CloudFormation S3 bucket parameters (left as defaults):

QSS3BucketName	    aws-ia	
QSS3BucketRegion.   us-east-1	
QSS3KeyPrefix	    cfn-ps-linux-bastion/

Stack Error (after 1 hour timeout as set in CreationPolicy):

BastionAutoScalingGroup	CREATE_FAILED Received 0 SUCCESS signal(s) out of 1. Unable to satisfy 100% MinSuccessfulInstancesPercent requirement

I was able to fix the issue and create a stack by cloning the GitHub repo to a custom S3 bucket as shown below:

QSS3BucketName	     aws-quickstart-copy-temp-123-test   (randomized S3 bucket name)	
QSS3BucketRegion.    me-central-1	
QSS3KeyPrefix	     cfn-ps-linux-bastion/

Also, the same template was successful in all other regions like me-south-1, us-east-1, eu-central-1.

+ aws s3 cp --no-progress --region me-south-1 s3://aws-ia-me-south-1/cfn-ps-linux-bastion/scripts/cfn-tools.sh .
download: s3://aws-ia-me-south-1/cfn-ps-linux-bastion/scripts/cfn-tools.sh to ./cfn-tools.sh

+ aws s3 cp --no-progress --region us-east-1 s3://aws-ia-us-east-1/cfn-ps-linux-bastion/scripts/cfn-tools.sh .
download: s3://aws-ia-us-east-1/cfn-ps-linux-bastion/scripts/cfn-tools.sh to ./cfn-tools.sh

+ aws s3 cp --no-progress --region eu-central-1 s3://aws-ia-eu-central-1/cfn-ps-linux-bastion/scripts/cfn-tools.sh .
download: s3://aws-ia-eu-central-1/cfn-ps-linux-bastion/scripts/cfn-tools.sh to ./cfn-tools.sh

Based on above, it seems that the S3 bucket "aws-ia-me-central-1" is missing the required files/assets.

Could you please confirm the root cause and fix for this issue?
@troy-ameigh troy-ameigh self-assigned this Apr 12, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@troy-ameigh troy-ameigh

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@troy-ameigh @sriharshakns