Hello,
I used the HashiCorp tutorial: https://learn.hashicorp.com/tutorials/terraform/aws-control-tower-aft
Successfully passed the following actions:
Configure the landing zone,
Deploy AFT module,
Enabled CodeStar connection,
Grant AFT access to Service Catalog portfolio,
Rerun account provisioning pipeline.
Everything worked well so far.
But there is an issue deploying new accounts with ATF. terraform plan passes successfully, while terraform apply fails with the following error:
│ Error: ResourceNotFoundException: Requested resource not found │ │ with module.sandbox.aws_dynamodb_table_item.account-request, │ on modules/aft-account-request/ddb.tf line 1, in resource "aws_dynamodb_table_item" "account-request": │ 1: resource "aws_dynamodb_table_item" "account-request" {
The same error is present in CloudWatch /aws/codebuild/ct-aft-account-request.
Running terraform in debug mode doesn't provide more details.
This is the code for account definition:
`module "sandbox" {
source = "./modules/aft-account-request"
control_tower_parameters = {
AccountEmail = "[email protected]"
AccountName = "dev.aws"
ManagedOrganizationalUnit = "aft.aws"
SSOUserEmail = "[email protected]"
SSOUserFirstName = "DEV"
SSOUserLastName = "AWS"
}
account_tags = {
"Name" = "DEV AWS"
}
change_management_parameters = {
change_requested_by = "My Company"
change_reason = "Add dev.aws account"
}
custom_fields = {
group = "dev.aws"
}
account_customizations_name = "sandbox"
}`
Any help will be greatly appreciated!