amazon-web-services - 如何配置automate_aws_accounts_creation_sso_users_assignment.yaml以在我选择的区域中运行?

标签 amazon-web-services amazon-s3 aws-cloudformation aws-control-tower

我正在关注https://aws.amazon.com/de/blogs/security/how-to-automate-aws-account-creation-with-sso-user-assignment/自动创建 sso 帐户。它说:

This solution is configured to be deployed in the North Virginia Region (us-east-1). But you can change the CloudFormation template to run in any Region that supports all the services required in the solution.

所以我创建了堆栈 https://awsiammedia.s3.amazonaws.com/public/sample/952-Automate-AWS-Accounts-Creation-SSO-Users-Assignment/automate_aws_accounts_creation_sso_users_assignment.yaml并将顶部面板中的区域从 us-east-1 更改为 eu-central-1。

堆栈创建失败并出现以下事件:

Logical ID: CreateAccountAssignmentLambda  
Status: Create_FAILED 
Status reason: Resource handler returned message: "Error occurred while GetObject. S3 Error Code: PermanentRedirect. S3 Error Message: The bucket is in this region: us-east-1. Please use this region to retry the request (Service: Lambda, Status Code: 400, Request ID: 7fd58877-67b5-46b6-ac60-693f1edff8df, Extended Request ID: null)" (RequestToken: b49cb70f-2820-2c65-76c2-1a0b2776cd94, HandlerErrorCode: InvalidRequest)

我已检查了模板及其中引用的位置:
https://awsiammedia.s3.amazonaws.com/public/sample/952-Automate-AWS-Accounts-Creation-SSO-Users-Assignment/automate_aws_accounts_creation_sso_users_assignment.yaml

https://awsiammedia.s3.amazonaws.com/public/sample/952-Automate-AWS-Accounts-Creation-SSO-Users-Assignment/batchcreation_lambda.zip

https://awsiammedia.s3.amazonaws.com/public/sample/952-Automate-AWS-Accounts-Creation-SSO-Users-Assignment/account_create_lambda.zip

https://awsiammedia.s3.amazonaws.com/public/sample/952-Automate-AWS-Accounts-Creation-SSO-Users-Assignment/create_account_assignment_lambda.zip

但没有提及 us-east-1Virginia。如何更改 CloudFormation 模板以在其他区域运行?

最佳答案

问题似乎出在 S3Bucket: awsiammedia

我会将您需要的 Assets 从 awsiammedia 复制到新区域中的存储桶,并在您找到 awsiammedia 的位置使用该存储桶名称。因此,“配置”并不是一个好的描述。

CreateAccountAssignmentLambda:
    Type: AWS::Lambda::Function
    Properties:
      Code:
        --> S3Bucket: awsiammedia
        S3Key: public/sample/952-Automate-AWS-Accounts-Creation-SSO-Users-Assignment/create_account_assignment_lambda.zip

关于amazon-web-services - 如何配置automate_aws_accounts_creation_sso_users_assignment.yaml以在我选择的区域中运行?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/71310313/

上一篇:python - AWS CDK - 在 Lambda 函数中有条件地创建角色

下一篇:amazon-web-services - 资源之间的循环依赖。 Cognito - lambda 触发器

相关文章:

amazon-web-services - AWS Route53 - 获取正常运行时间百分比

amazon-web-services - aws s3 存储桶策略未按预期工作

amazon-web-services - AWS S3 重定向不起作用

amazon-web-services - Fn::Cidr 是随机的吗?

amazon-web-services - 无法使用云形成创建VPC和路由表

node.js - 有人将 Node.js 与 Amazon SNS 和 Apple 推送通知一起使用吗?

amazon-web-services - aws lambda UTF-8 响应 header

javascript - 发送编码后的图像并在解码后上传到 s3

go - 如何将 aws.WriteAtBuffer 转换为 io.Reader?

amazon-web-services - 如何将 Cognito 用户池设置导出到 CloudFormation 模板?

©2024 IT工具网  联系我们