1 Answer
- Newest
- Most votes
- Most comments
0
It seems like there is a permission issue with the CloudFormation stack caused by your domain location, thus a resolution would be to use the reduced permissions mode feature for AWS environments to manually create the CloudFormation stack for s3.
This problem seems to have a similiar solution as the following troubleshooting case in Cloudera Data Warehouse (CDW): https://docs.cloudera.com/data-warehouse/cloud/troubleshooting/topics/dw-trblshoot-aws-env-activation-failure.html?
Here's an outline of the steps:
- Remove one of the permissions in your IAM permissions policy for the AWS account that you used to register the environment you want to activate.
- Follow the steps in https://docs.cloudera.com/data-warehouse/cloud/aws-environments/topics/dw-aws-reduced-perms-mode-activating-environments.html
- After you activate the environment and create the AWS CloudFormation stack resources in your AWS account, make sure that you apply the required tags to the stack that are listed in Required tags for CloudFormation stacks created with reduced permissions mode found here: https://docs.cloudera.com/data-warehouse/cloud/aws-environments/topics/dw-aws-reduced-perms-mode-required-tags.html
- Add the s3:CreateBucket IAM permission back to your IAM permissions policy to make sure you have adequate permissions so CloudFormation stack resources can be created for you when you activate environments later.
Hope this helps.
answered 2 years ago
Relevant content
- asked 2 years ago
- asked 3 months ago
- AWS OFFICIALUpdated a month ago
- AWS OFFICIALUpdated a year ago