CREATE_FAILED due to Resources tag of Launch Template #156
Assignees
Labels
enhancement
New feature or request
Comments
jinwookkk
changed the title
|
Thank you @jinwookkk for requesting this enhancement. We have add it to our backlog to look into. As a workaround, you can customize the DataTransferS3Stack.template by adding the necessary tags to |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
Our aws account is affected by our organizatoin's Service Control Policy
So, we need to set resources tag of launch template.
DTH looks generate 2 launch templates.
But we can't add tags.
So we always get CREATE_FAILED with error message like below
Resource handler returned message: "User: arn:aws:sts::{myaccount}:assumed-role/DataTransferHub-QA-APICfnWorkflowCreateTaskCfnFnSer-q5tLicdxbA6Z/DataTransferHub-QA-APICfnWorkflowCreateTaskCfnFnAC-0MO9t0J17JuC is not authorized to perform: autoscaling:CreateAutoScalingGroup on resource: arn:aws:autoscaling:ap-northeast-2:{myaccount}:autoScalingGroup:*:autoScalingGroupName/DTH-S3EC2-7cd2e-Worker-ASG with an explicit deny in a service control policy (Service: AutoScaling, Status Code: 403, Request ID: e912aabd-f045-4a0e-9b4e-c0907c5ef6b9)" (RequestToken: {token}, HandlerErrorCode: AccessDenied)
Describe the feature you'd like
Add resources tag to lauch template
Additional context
The text was updated successfully, but these errors were encountered: