Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Getting S3 error: Domain name specified in [*********] is not a valid S3 domain when pasting S3 URL for the template from S3 bucket of a conduit account in Create Stack Tab for my account.

0

I am trying to create a stack with template I am using from another conduit account (Account1) to my account. When copying the S3 URL from the location of the template and pasting it into my stack creation tab in Cloudformation, I am getting the following error: S3 error: Domain name specified in [*********] is not a valid S3 domain. Initially, I was getting this error: s3 error access denied for more information check http://docs.aws.amazon.com/amazons3/latest/api/errorresponses.html I want to understand what is causing this error? Any help is appreciated.

Themen
Management & Unternehmensführung
Tags
AWS CloudFormationAWS Kontoverwaltung
Sprache
English
bhanuvsp
gefragt vor einem Monat2930 Aufrufe
1 Antwort
2

Hello.

If you select "Amazon S3 URL" when creating a stack in the CloudFormation console, the URL must start with https:// and not an s3 URI.
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-using-console-create-stack-template.html
https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingBucket.html

In other words, I think you can use it by specifying the object URL as shown below.

https://<bucket name>.s3.<region>.amazonaws.com/*****.yaml
profile picture
EXPERTE
Riku_Kobayashi
beantwortet vor einem Monat
profile picture
EXPERTE
Osvaldo Marte
überprüft vor einem Monat
  • bhanuvsp
    vor einem Monat

    Thank you. It got through the first error. When I try the object URL which is of the format you suggested, I am now getting the "s3 error access denied for more information check http://docs.aws.amazon.com/amazons3/latest/api/errorresponses.html" error. What should I do at this point?

  • Riku_Kobayashi EXPERTE
    vor einem Monat

    This is probably because the S3 bucket where Account1's CloudFormation template is uploaded cannot be accessed. I think this can be resolved by enabling S3 public access or setting up a cross-account IAM role.

  • Riku_Kobayashi EXPERTE
    vor einem Monat

    If you want to set the S3 bucket for public access, you can use it by disabling the bucket policy and public access block settings below.

    {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": "*",
            "Action": [
                "s3:GetObject",
                "s3:GetObjectVersion"
            ],
            "Resource": "arn:aws:s3:::s3-bucket-name/*"
        }
    ]
}

    When configuring cross-account settings, the following documents may be helpful. https://repost.aws/knowledge-center/cross-account-access-s3

  • bhanuvsp
    vor einem Monat

    Thank you so much! I will work on this and post updates here.

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt