aws-service-catalog-reference-architectures

GuardDuty lambda fails to find trail in DelegatedAdminAccount

Open borisyukd opened this issue 2 years ago • 2 comments

Issue: After updating to Landing Zone 3.0, Lambda function security/guardduty/function.zip fails to run when a delegated account was set, because the describe_trails request in create_s3_destination returns [].

Reason: CloudTrail trails were migrated to the Organization Master account.

Solution: Rename aws-controltower-BaselineCloudTrail to the ARN of the trail from the Organization Master account.

Update link: https://aws.amazon.com/about-aws/whats-new/2022/07/aws-control-tower-adopts-aws-cloudtrail-organization-logging/

borisyukd • Aug 09 '22 10:08

Awesome. Thanks for this :)

niteenkole • Aug 26 '22 20:08

Any news on when it will be merged, so that we can directly run the Launch Stack (it fails in the nested stack for me)?

fab-mindflow • Sep 16 '22 00:09
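The failure described in the issue at the top of this thread, as an added example that is not the project's Lambda code: a trail lookup that accepts a name or an ARN and raises a clear error instead of continuing with an empty `trailList`. The names `resolve_trail`, `TrailNotFound` and `StubCloudTrail`, the account IDs, region and bucket name are constructed, and the stub's matching rule (a bare name only matches trails owned by the calling account, an ARN matches the organization trail) is an assumption modelled on the behaviour the issue reports.

```python
# Constructed placeholder values, not taken from any real environment.
MGMT_ACCOUNT = "111111111111"        # Organization management account
DELEGATED_ACCOUNT = "222222222222"   # GuardDuty delegated admin account
TRAIL_NAME = "aws-controltower-BaselineCloudTrail"
ORG_TRAIL_ARN = f"arn:aws:cloudtrail:us-east-1:{MGMT_ACCOUNT}:trail/{TRAIL_NAME}"


class TrailNotFound(RuntimeError):
    """Raised when describe_trails returns an empty trailList."""


def resolve_trail(cloudtrail, trail_ref):
    """Look up a trail by name or ARN; fail loudly if nothing comes back."""
    resp = cloudtrail.describe_trails(trailNameList=[trail_ref])
    trails = resp.get("trailList", [])
    if not trails:
        raise TrailNotFound(
            f"describe_trails returned no trail for {trail_ref!r}; "
            "if the trail is owned by the management account, pass its ARN"
        )
    return trails[0]


class StubCloudTrail:
    """Offline stand-in for boto3.client('cloudtrail') (assumed behaviour)."""

    def __init__(self, caller_account, trails):
        self._caller = caller_account
        self._trails = trails

    def describe_trails(self, trailNameList=None, includeShadowTrails=True):
        wanted = trailNameList or []
        matches = []
        for trail in self._trails:
            owner = trail["TrailARN"].split(":")[4]  # account ID field of the ARN
            by_arn = trail["TrailARN"] in wanted
            by_name = trail["Name"] in wanted and owner == self._caller
            if by_arn or by_name:
                matches.append(trail)
        return {"trailList": matches}


# Constructed organization trail as seen from the delegated admin account.
ORG_TRAIL = {"Name": TRAIL_NAME, "TrailARN": ORG_TRAIL_ARN,
             "S3BucketName": "example-org-trail-logs", "IsOrganizationTrail": True}
client = StubCloudTrail(DELEGATED_ACCOUNT, [ORG_TRAIL])
```

In the real Lambda the same `resolve_trail` call would take a `boto3.client("cloudtrail")` object in place of the stub.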