I am adding a replication configuration to an S3 bucket but getting a "Destination bucket must exist Service: Amazon S3; Status Code: 400" error even though the destination bucket exists. The source bucket is in the eu-west-1 region and the destination bucket is in the us-east-1 region. I get this error while deploying a CloudFormation stack. I am able to set the replication configuration with the same destination bucket through the console. Below is the code for the S3 bucket and the replication configuration.

    S3BucketMap:
      test:
        s3BucketArn: "arn:aws:s3:::mybucket-test"
        s3BucketAllObjectsArn: "arn:aws:s3:::mybucket-test/*"
      beta:
        s3BucketArn: "arn:aws:s3:::mybucket-beta"
        s3BucketAllObjectsArn: "arn:aws:s3:::mybucket-beta/*"
      prod:
        s3BucketArn: "arn:aws:s3:::mybucket-prod"
        s3BucketAllObjectsArn: "arn:aws:s3:::mybucket-prod/*"

    TestS3Bucket:
      Type: 'AWS::S3::Bucket'
      DeletionPolicy: Retain
      Properties:
        BucketName: {"Fn::Sub": "test-s3-bucket-${Stage}"}
        PublicAccessBlockConfiguration:
          BlockPublicAcls: Yes
          BlockPublicPolicy: Yes
          IgnorePublicAcls: Yes
          RestrictPublicBuckets: Yes
        VersioningConfiguration:
          Status: Enabled
        ReplicationConfiguration:
          Role: !GetAtt ReplicationBucketRole.Arn
          Rules:
            - Prefix: ""
              Id: ReplicationRule
              Status: Enabled
              Destination:
                Bucket: { Fn::FindInMap: [ 'S3BucketMap', { Ref: 'Stage' }, "s3BucketArn" ] }
    ReplicationBucketRole:
      Type: AWS::IAM::Role
      Properties:
        AssumeRolePolicyDocument:
          Version: '2012-10-17'
          Statement:
            - Action: [ "sts:AssumeRole" ]
              Effect: Allow
              Principal:
                Service: [ "s3.amazonaws.com" ]
    ReplicationBucketPolicy:
      Type: AWS::IAM::Policy
      Properties:
        PolicyName: ReplicationBucketPolicy
        Roles: [ !Ref ReplicationBucketRole ]
        PolicyDocument:
          Statement:
            - Action:
                - s3:ListBucket
                - s3:GetObjectVersionForReplication
                - s3:GetReplicationConfiguration
                - s3:GetObjectVersionAcl
                - s3:GetObjectVersionTagging
              Effect: Allow
              Resource:
                - !Sub "arn:aws:s3:::${TestS3Bucket}"
                - !Sub "arn:aws:s3:::${TestS3Bucket}/*"
            - Action:
                - s3:ReplicateObject
                - s3:ReplicateDelete
                - s3:ReplicateTags
                - s3:GetObjectVersionTagging
                - s3:ObjectOwnerOverrideToBucketOwner
              Effect: Allow
              Resource: { Fn::FindInMap: [ 'S3BucketMap', { Ref: 'Stage' }, "s3BucketAllObjectsArn" ] }

Is there an additional section where you define the Stage parameter? It also appears that you are using JSON syntax for the Resource value while the overall document is YAML. Check the examples here: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/mappings-section-structure.html#mappings-section-structure-examples