The following CFN template is giving me the "Failed to receive 1 resource signal(s) within the specified duration" error. What could be the problem? Thanks!
AWSTemplateFormatVersion: 2010-09-09
Description: AWS EC2 instance to run CT existing account onboarding (fdp-1qj64b38g)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
- Label:
default: Network Configuration
Parameters:
- VPC
- RemoteAccessCIDR
- Label:
default: Linux Instance Configuration
Parameters:
- KeyPair
- LinuxSubnet
- LinuxInstanceType
- LatestAmiId
ParameterLabels:
VPC:
default: VPC
KeyPair:
default: Key Pair
RemoteAccessCIDR:
default: Remote Access CIDR Block
LinuxSubnet:
default: Linux Subnet
LatestAmiId:
default: SSM key to the latest Amazon linux AMI
Parameters:
VPC:
Type: AWS::EC2::VPC::Id
Description: Select the VPC where the EC2 instances will be created
ConstraintDescription: must be an existing VPC
LinuxSubnet:
Type: AWS::EC2::Subnet::Id
Description: Select subnet for Linux Instance
ConstraintDescription: must be an existing subnet
KeyPair:
Description: Name of existing EC2 key pair for Linux Instances
Type: AWS::EC2::KeyPair::KeyName
RemoteAccessCIDR:
Description: CIDR block to allow access to linux instances
Type: String
AllowedPattern: (\d{1,3}).(\d{1,3}).(\d{1,3}).(\d{1,3})/(\d{1,2})
ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x.
LatestAmiId:
Type: AWS::SSM::Parameter::ValueAWS::EC2::Image::Id
Default: /aws/service/ami-amazon-linux-latest/al2023-ami-kernel-default-x86_64
Resources:
SSHSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
VpcId: !Ref VPC
GroupDescription: Enable ssh access
SecurityGroupIngress:
- Description: allow icmp
IpProtocol: icmp
FromPort: '-1'
ToPort: '-1'
CidrIp: !Ref RemoteAccessCIDR
- Description: allow SSH
IpProtocol: tcp
FromPort: '22'
ToPort: '22'
CidrIp: !Ref RemoteAccessCIDR
ScriptRunnerInstance:
Type: AWS::EC2::Instance
Metadata:
AWS::CloudFormation::Init:
configSets:
All:
- prereqs
- downloadscript
prereqs:
packages:
yum:
python3: []
commands:
1_install_boto3:
command: sudo pip3 install boto3
downloadscript:
commands:
1_get_enroll_script:
command: wget https://raw.githubusercontent.com/aws-samples/aws-control-tower-reference-architectures/master/customizations/AccountFactory/EnrollAccount/enroll_account.py -O enroll_account.py
cwd: /home/ec2-user
ignoreErrors: 'true'
2_chmod_enroll_script:
command: chmod +x enroll_account.py
cwd: /home/ec2-user
ignoreErrors: 'true'
3_set_region:
command: !Sub echo export AWS_DEFAULT_REGION=${AWS::Region} >> .bash_profile
cwd: /home/ec2-user
ignoreErrors: 'true'
Properties:
InstanceType: t3.medium
SubnetId: !Ref LinuxSubnet
ImageId: !Ref LatestAmiId
KeyName: !Ref KeyPair
Tags:
- Key: Name
Value: !Sub CT-UpdateRunner-${AWS::StackName}
SecurityGroupIds:
- !GetAtt SSHSecurityGroup.GroupId
UserData: !Base64
Fn::Join:
- ''
- - |
#!/bin/bash -xe
- |
yum update -y aws-cfn-bootstrap
- ''
- '/opt/aws/bin/cfn-init -v '
- ' --stack '
- !Ref AWS::StackName
- ' --resource ScriptRunnerInstance '
- ' --configsets All '
- ' --region '
- !Ref AWS::Region
- |
- ''
- '/opt/aws/bin/cfn-signal -e $? '
- ' --stack '
- !Ref AWS::StackName
- ' --resource ScriptRunnerInstance '
- ' --region '
- !Ref AWS::Region
- |
CreationPolicy:
ResourceSignal:
Timeout: PT5M
can you provide a YAML of your CloudFormation