You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Org-formation init-pipeline action results in an access denied error when using a build-account id. This error stems from s3 interaction.
Your environment
version of org-formation: 1.0.13
version of node: 20.11.0
which OS/distro: Windows Linux Subsystem
Steps to reproduce
I have a console created organization, with console created accounts.
I make initial tests with org-formation init organization.yml and org-formation init-pipeline organization.yml with no issues at all.
However, attempting to use org-formation init-pipeline [organization.yml] [--region us-east-1] build-account-id XXXXXX results in what appears to be a permission error.
Expected behaviour
INFO: uploading initial commit to s3 organization-formation-XXXXX/initial-commit.zip...
INFO: creating code commit / codebuild and codepipeline resources using CloudFormation...
INFO: Your pipeline and initial commit have been created in AWS.
INFO: Hope this will get you started!
INFO:
INFO: Take your time and browse through the source, there is some additional guidance as comments.
INFO:
INFO: Have fun!
INFO:
INFO: --OC
Actual behaviour
INFO: uploading initial commit to s3 organization-formation-XXXXX/initial-commit.zip...
ERROR: unexpected error occurred...
Access Denied
AccessDenied: Access Denied
at throwDefaultError (/home/leo/.nvm/versions/node/v20.11.0/lib/node_modules/aws-organization-formation/node_modules/@smithy/smithy-client/dist-cjs/index.js:838:20)
at /home/leo/.nvm/versions/node/v20.11.0/lib/node_modules/aws-organization-formation/node_modules/@smithy/smithy-client/dist-cjs/index.js:847:5
at de_PutObjectCommandError (/home/leo/.nvm/versions/node/v20.11.0/lib/node_modules/aws-organization-formation/node_modules/@aws-sdk/client-s3/dist-cjs/index.js:5741:10)
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async /home/leo/.nvm/versions/node/v20.11.0/lib/node_modules/aws-organization-formation/node_modules/@smithy/middleware-serde/dist-cjs/index.js:35:20
at async /home/leo/.nvm/versions/node/v20.11.0/lib/node_modules/aws-organization-formation/node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/middleware-signing/dist-cjs/index.js:184:18
at async /home/leo/.nvm/versions/node/v20.11.0/lib/node_modules/aws-organization-formation/node_modules/@smithy/middleware-retry/dist-cjs/index.js:320:38
at async /home/leo/.nvm/versions/node/v20.11.0/lib/node_modules/aws-organization-formation/node_modules/@aws-sdk/middleware-flexible-checksums/dist-cjs/index.js:173:18
at async /home/leo/.nvm/versions/node/v20.11.0/lib/node_modules/aws-organization-formation/node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/middleware-sdk-s3/dist-cjs/index.js:97:20
at async /home/leo/.nvm/versions/node/v20.11.0/lib/node_modules/aws-organization-formation/node_modules/@aws-sdk/client-s3/node_modules/@aws-sdk/middleware-sdk-s3/dist-cjs/index.js:120:14
at async /home/leo/.nvm/versions/node/v20.11.0/lib/node_modules/aws-organization-formation/node_modules/@aws-sdk/middleware-logger/dist-cjs/index.js:33:22
at async Promise.all (index 0)
at async _Upload.__uploadUsingPut (/home/leo/.nvm/versions/node/v20.11.0/lib/node_modules/aws-organization-formation/node_modules/@aws-sdk/lib-storage/dist-cjs/index.js:217:22)
at async _Upload.__doConcurrentUpload (/home/leo/.nvm/versions/node/v20.11.0/lib/node_modules/aws-organization-formation/node_modules/@aws-sdk/lib-storage/dist-cjs/index.js:280:18)
at async Promise.all (index 0)
at async _Upload.__doMultipartUpload (/home/leo/.nvm/versions/node/v20.11.0/lib/node_modules/aws-organization-formation/node_modules/@aws-sdk/lib-storage/dist-cjs/index.js:366:5)
at async _Upload.done (/home/leo/.nvm/versions/node/v20.11.0/lib/node_modules/aws-organization-formation/node_modules/@aws-sdk/lib-storage/dist-cjs/index.js:190:12)
In all cases an organization-formation-XXXXX bucket is created in the management account. My impression is that the build account would carry the build files.
The text was updated successfully, but these errors were encountered:
Subject of the issue
Org-formation init-pipeline action results in an access denied error when using a build-account id. This error stems from s3 interaction.
Your environment
Steps to reproduce
I have a console created organization, with console created accounts.
I make initial tests with
org-formation init organization.yml
andorg-formation init-pipeline organization.yml
with no issues at all.However, attempting to use
org-formation init-pipeline [organization.yml] [--region us-east-1] build-account-id XXXXXX
results in what appears to be a permission error.Expected behaviour
Actual behaviour
In all cases an organization-formation-XXXXX bucket is created in the management account. My impression is that the build account would carry the build files.
The text was updated successfully, but these errors were encountered: