- Newest
- Most votes
- Most comments
Hello,
The reason why the deployment is failing is that "ROOT_ACCOUNT_HARDWARE_MFA_ENABLED", "OPENSEARCH_IN_VPC_ONLY" and "OPENSEARCH_ENCRYPTED_AT_REST" AWS managed config rules are not supported in the us-west-1 GovCloud region. If unsupported AWS managed config rules are referred in the conformance pack, the deployment fails.
It is required that the sample templates are modified to include only the rules that are available in GovCloud to successfully deploy the conformance pack.
[+] Conformance Pack sample templates - https://docs.aws.amazon.com/config/latest/developerguide/conformancepack-sample-templates.html
The list of managed config rules which are currently supported in GovCloud regions can be referenced from the below links -
[+] AWS GovCloud (US-East) Region -https://docs.aws.amazon.com/config/latest/developerguide/managing-rules-by-region-availability.html#aws-govcloud-us-east-section-head
[+] AWS GovCloud (US-West) Region -https://docs.aws.amazon.com/config/latest/developerguide/managing-rules-by-region-availability.html#aws-govcloud-us-west-section-head
Regards,
Suryansh
Relevant content
- asked 9 months ago
- asked 6 months ago
- asked a year ago
- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated 4 years ago