aws-quickstart/quickstart-hashicorp-vault

GovCloud - CloudFormation S3 Denied Error

Closed this issue · 3 comments

Hello,

I'm attempting to deploy this stack in GovCloud (us-gov-west-1). When entering the template URL (https://aws-quickstart.s3.amazonaws.com/quickstart-hashicorp-vault/templates/quickstart-hashicorp-vault-master.template) and validating the stack via "View/Edit template in Designer", I'm receiving the error:

Cannot open this file because of an error.: https://aws-quickstart.s3.amazonaws.com/quickstart-hashicorp-vault/templates/quickstart-hashicorp-vault-master.template must reference a valid S3 object to which you have access.

When running the stack I get an immediate:

CREATE_FAILED | AWS::CloudFormation::Stack | VPCStack | S3 error: Access Denied ...

I have attempted to create an IAM role for CloudFormation to use with appropriate permissions and that too fails. Any help/pointers would be appreciated. Thanks~

Unfortunately, we do not have official support for GovCloud on this quickstart, but we do have some convenience features that would make it easier to port (like the GovCloud condition). What I would suggest is to clone this repo recursively with `git clone --recurse-submodules git@github.com:aws-quickstart/quickstart-hashicorp-vault.git` and upload it to a bucket in GovCloud. You will need to update the QSS3BucketName and QSS3KeyPrefix to match the new location. Again, no official support for GovCloud, so I am closing this ticket. If you have additional feedback, please comment as appropriate.
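The staging steps suggested in the reply above, as an added shell example (not part of the thread or of the Quick Start repository). Bucket name, region and prefix are arguments you supply; the script assumes git, AWS CLI credentials for the GovCloud partition, an existing bucket that you own there, and that QSS3KeyPrefix is used as `<prefix>templates/...`, so it must end in exactly one slash.

```shell
#!/usr/bin/env bash
# Added example: stage the Quick Start in a bucket you control in GovCloud,
# then validate the master template from that bucket.
set -eu

REPO_SSH="git@github.com:aws-quickstart/quickstart-hashicorp-vault.git"
MASTER_TEMPLATE="templates/quickstart-hashicorp-vault-master.template"

# Assumption: the templates concatenate QSS3KeyPrefix directly with
# "templates/...", so strip a leading slash and force one trailing slash.
normalize_prefix() {
  p="${1#/}"
  p="${p%/}"
  if [ -n "$p" ]; then p="$p/"; fi
  printf '%s\n' "$p"
}

# Regional virtual-hosted-style URL of the master template in your bucket.
# Args: bucket region prefix
template_url() {
  printf 'https://%s.s3.%s.amazonaws.com/%s%s\n' \
    "$1" "$2" "$(normalize_prefix "$3")" "$MASTER_TEMPLATE"
}

# Clone with submodules, upload, and let CloudFormation fetch the template
# from the new location. Args: bucket region prefix
stage() {
  bucket="$1"; region="$2"
  prefix="$(normalize_prefix "$3")"
  workdir="$(mktemp -d)"
  git clone --recurse-submodules "$REPO_SSH" "$workdir/qs"
  # Keep the repository history out of the bucket.
  aws s3 sync "$workdir/qs" "s3://$bucket/$prefix" \
    --region "$region" --exclude ".git/*"
  # Fails with the same "Access Denied" class of error if CloudFormation
  # in this region still cannot read the object.
  aws cloudformation validate-template --region "$region" \
    --template-url "$(template_url "$bucket" "$region" "$prefix")"
  echo "Stack parameters: QSS3BucketName=$bucket QSS3KeyPrefix=$prefix"
}

# Only touch the network when called with: <bucket> <region> <prefix>
if [ "$#" -ge 3 ]; then
  stage "$1" "$2" "$3"
fi
```

Run it as `./stage.sh <bucket> us-gov-west-1 quickstart-hashicorp-vault/` and pass the printed QSS3BucketName and QSS3KeyPrefix values when creating the stack from the URL that `template_url` produces.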

To that end - we're evaluating GovCloud support in general, but we're not in a position to commit to a timeline right now.

Thank you for the feature request. As @agamzn mentioned, we are evaluating official support in the future.