unable to deploy the the AWS cloud migration factory solution

0

I am trying to deploy the cloud migration factory in aws using cloud formation template download from here https://solutions-reference.s3.amazonaws.com/cloud-migration-factory-on-aws/latest/aws-cloud-migration-factory-solution.template

but it failed deploy and rollbacked immediately. Enter image description here

I have seen that few resources failed to create, i am clueless as i have used admin user and even root user as well.

Can some one check and help ?

Mohan
已提问 1 年前337 查看次数
3 回答
0
已接受的回答

Hello.

Although it is not visible in the image, the reason why resource creation failed may be listed in the "Status reason" column.
Could you please share the "Status reason" column?

profile picture
专家
已回答 1 年前
0

Thanks for the reply.
I deployed using the same template in my environment and saw the same error.
The cause of the error is unknown, but OAI itself is an old control method, so I used OAC to control it, and the deployment was successful.
The change should be made around line 227 to the following template.

  FrontEndBucketPolicy:
    Condition: DeployCloudFront
    Type: AWS::S3::BucketPolicy
    Properties:
      Bucket: !Ref FrontEndBucket
      PolicyDocument:
        Statement:
        - Action: s3:GetObject
          Effect: Allow
          Resource: !Sub ${FrontEndBucket.Arn}/*
          Principal:
            Service: cloudfront.amazonaws.com
          Condition:
            StringEquals:
              AWS:SourceArn: !Sub arn:aws:cloudfront::${AWS::AccountId}:distribution/${CloudfrontDistribution}

  CloudFrontOriginAccessControl:
    Condition: DeployCloudFront
    Type: AWS::CloudFront::OriginAccessControl
    Properties: 
      OriginAccessControlConfig:
        Description: Default Origin Access Control
        Name: !Ref AWS::StackName
        OriginAccessControlOriginType: s3
        SigningBehavior: always
        SigningProtocol: sigv4

  CloudfrontDistribution:
    Condition: DeployCloudFront
    DependsOn: CloudFrontFunction
    Type: AWS::CloudFront::Distribution
    Properties:
      Tags:
        -
          Key: application
          Value: !Ref Application
        -
          Key: environment
          Value: !Ref Environment
        -
          Key: Name
          Value: !Sub ${Application}-${Environment}-CloudFrontDistribution
      DistributionConfig:
        WebACLId:
          !If
          - DeployWAF
          - !GetAtt WAFFEStack.Outputs.WAFFEACLArn
          - !Ref 'AWS::NoValue'
        Enabled: true
        PriceClass: 'PriceClass_100'
        DefaultRootObject: 'index.html'
        ViewerCertificate:
          CloudFrontDefaultCertificate: true
          MinimumProtocolVersion: TLSv1.2_2018
        CustomErrorResponses:
          - ErrorCachingMinTTL: 300
            ErrorCode: 403
            ResponseCode: 200
            ResponsePagePath: '/index.html'
        HttpVersion: http2
        DefaultCacheBehavior:
          AllowedMethods:
            - HEAD
            - DELETE
            - POST
            - GET
            - OPTIONS
            - PUT
            - PATCH
          ForwardedValues:
            QueryString: false
          TargetOriginId: !Sub S3-${FrontEndBucket}
          ViewerProtocolPolicy: redirect-to-https
          FunctionAssociations:
            - EventType: viewer-response
              FunctionARN: !GetAtt CloudFrontFunction.FunctionMetadata.FunctionARN
        IPV6Enabled: true
        Logging:
          Bucket: !GetAtt AccessLoggingBucket.DomainName
        Origins:
          - DomainName: !GetAtt FrontEndBucket.DomainName
            Id: !Sub S3-${FrontEndBucket}
            S3OriginConfig:
              OriginAccessIdentity: ''
            OriginAccessControlId: !GetAtt CloudFrontOriginAccessControl.Id
    Metadata:
      cfn_nag:
        rules_to_suppress:
          - id: W70
            reason: "It is already TLSv1.2_2018"
profile picture
专家
已回答 1 年前
profile picture
专家
已审核 5 个月前
  • Thank you.

0

Please check the screens hotEnter image description here

Mohan
已回答 1 年前

您未登录。 登录 发布回答。

一个好的回答可以清楚地解答问题和提供建设性反馈,并能促进提问者的职业发展。

回答问题的准则