[Container] 2022/12/15 13:26:20 going inside waitForAgent [Container] 2022/12/15 13:26:20 Waiting for agent ping [Container] 2022/12/15 13:26:21 Waiting for DOWNLOAD_SOURCE [Container] 2022/12/15 13:26:39 Phase is DOWNLOAD_SOURCE [Container] 2022/12/15 13:26:39 finished waitForAgent [Container] 2022/12/15 13:26:40 CODEBUILD_SRC_DIR=/codebuild/output/src967/src/s3/00 [Container] 2022/12/15 13:26:40 CODEBUILD_SRC_DIR_Config=/codebuild/output/src967/src/s3/01 [Container] 2022/12/15 13:26:40 YAML location is /codebuild/readonly/buildspec.yml [Container] 2022/12/15 13:26:40 No commands found for phase name: install [Container] 2022/12/15 13:26:40 Setting HTTP client timeout to higher timeout for S3 source [Container] 2022/12/15 13:26:40 Processing environment variables [Container] 2022/12/15 13:26:40 Running command echo "Installing Node.js version 14 ..." Installing Node.js version 14 ... [Container] 2022/12/15 13:26:40 Running command n $NODE_14_VERSION copying : node/14.19.2 installed : v14.19.2 (with npm 6.14.17) [Container] 2022/12/15 13:27:13 Moving to directory /codebuild/output/src967/src/s3/00 [Container] 2022/12/15 13:27:13 Configuring ssm agent with target id: codebuild:2eff4929-a227-4ccd-b97c-8562bf43e30b [Container] 2022/12/15 13:27:13 Successfully updated ssm agent configuration [Container] 2022/12/15 13:27:13 Registering with agent [Container] 2022/12/15 13:27:13 Phases found in YAML: 2 [Container] 2022/12/15 13:27:13 BUILD: 6 commands [Container] 2022/12/15 13:27:13 INSTALL: 0 commands [Container] 2022/12/15 13:27:13 Phase complete: DOWNLOAD_SOURCE State: SUCCEEDED [Container] 2022/12/15 13:27:13 Phase context status code: Message: [Container] 2022/12/15 13:27:13 Entering execCommands [Container] 2022/12/15 13:27:13 Entering phase INSTALL [Container] 2022/12/15 13:27:13 Phase complete: INSTALL State: SUCCEEDED [Container] 2022/12/15 13:27:13 Phase context status code: Message: [Container] 2022/12/15 13:27:13 Entering phase PRE_BUILD [Container] 2022/12/15 13:27:13 Phase complete: PRE_BUILD State: SUCCEEDED [Container] 2022/12/15 13:27:13 Phase context status code: Message: [Container] 2022/12/15 13:27:13 Entering phase BUILD [Container] 2022/12/15 13:27:13 Running command env GOLANG_15_VERSION=1.15.15 MAVEN_OPTS=-Dmaven.wagon.httpconnectionManager.maxPerRoute=2 CODEBUILD_LAST_EXIT=0 CODEBUILD_START_TIME=1671110748424 GOLANG_16_VERSION=1.16.15 ACCELERATOR_QUALIFIER=aws-accelerator CODEBUILD_BMR_URL=https://CODEBUILD_AGENT:3000 NODE_12_VERSION=12.22.12 JRE_8_HOME=/usr/lib/jvm/java-1.8.0-amazon-corretto/jre CODEBUILD_SOURCE_VERSION=arn:aws-us-gov:s3:::aws-accelerator-pipeline-*****-us-gov-west-1/AWSAccelerator-Pipel/Build/8UJxW8p CODEBUILD_AGENT_ENDPOINT=http://127.0.0.1:7831 HOSTNAME=d1af7777712f CODEBUILD_BUILD_ID=AWSAccelerator-ToolkitProject:2eff4929-a227-4ccd-b97c-8562bf43e30b CODEBUILD_KMS_KEY_ID=arn:aws-us-gov:kms:us-gov-west-1:*****:key/eb54cc8c-aa46-4016-bb3a-56d3879e74ec NODE_14_VERSION=14.19.2 JRE_11_HOME=/usr/lib/jvm/java-11-amazon-corretto HOME=/root OLDPWD=/codebuild/readonly JRE_HOME=/usr/lib/jvm/java-11-amazon-corretto CODEBUILD_GOPATH=/codebuild/output/src967 CODEBUILD_CI=true GOENV_DISABLE_GOPATH=1 CODEBUILD_BUILD_NUMBER=1129 CODEBUILD_BUILD_SUCCEEDING=1 NODE_OPTIONS=--max_old_space_size=8192 AWS_CONTAINER_CREDENTIALS_RELATIVE_URI=/v2/credentials/886023fe-3632-45c1-8ec6-a608add65d43 CODEBUILD_BUILD_ARN=arn:aws-us-gov:codebuild:us-gov-west-1:*****:build/AWSAccelerator-ToolkitProject:2eff4929-a227-4ccd-b97c-8562bf43e30b LC_CTYPE=C.UTF-8 AWS_EXECUTION_ENV=AWS_ECS_EC2 RUBY_BUILD_SRC_DIR=/usr/local/rbenv/plugins/ruby-build DOTNET_5_SDK_VERSION=5.0.408 CODEBUILD_INITIATOR=codepipeline/AWSAccelerator-Pipeline CODEBUILD_SOURCE_REPO_URL_Config=arn:aws-us-gov:s3:::aws-accelerator-pipeline-*****-us-gov-west-1/AWSAccelerator-Pipel/Config/wPWbmi7 AWS_DEFAULT_REGION=us-gov-west-1 PHP_80_VERSION=8.0.18 ECS_CONTAINER_METADATA_URI_V4=http://169.254.170.2/v4/b3288f10-64db-4e1d-93c5-fee4a49da9d5 PHP_73_VERSION=7.3.33 ECS_CONTAINER_METADATA_URI=http://169.254.170.2/v3/b3288f10-64db-4e1d-93c5-fee4a49da9d5 DOTNET_ROOT=/root/.dotnet PHP_74_VERSION=7.4.29 CODEBUILD_SRC_DIR_Config=/codebuild/output/src967/src/s3/01 CODEBUILD_EXECUTION_ROLE_BUILD= DOTNET_31_SDK_VERSION=3.1.419 PATH=/usr/local/bin/sbt/bin:/root/.phpenv/shims:/root/.phpenv/bin:/root/.goenv/shims:/root/.goenv/bin:/go/bin:/root/.phpenv/shims:/root/.phpenv/bin:/root/.pyenv/shims:/root/.pyenv/bin:/root/.rbenv/shims:/usr/local/rbenv/bin:/usr/local/rbenv/shims:/root/.dotnet/:/root/.dotnet/tools/:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/tools:/codebuild/user/bin RUBY_26_VERSION=2.6.10 CODEBUILD_LOG_PATH=2eff4929-a227-4ccd-b97c-8562bf43e30b RUBY_27_VERSION=2.7.6 PYYAML_VERSION=5.4.1 CDK_OPTIONS=bootstrap CODEBUILD_BUILD_IMAGE=aws/codebuild/standard:5.0 GOPATH=/go:/codebuild/output/src967 AWS_REGION=us-gov-west-1 CODEBUILD_BUILD_URL=https://us-gov-west-1.console.amazonaws-us-gov.com/codebuild/home?region=us-gov-west-1#/builds/AWSAccelerator-ToolkitProject:2eff4929-a227-4ccd-b97c-8562bf43e30b/view/new JAVA_8_HOME=/usr/lib/jvm/java-1.8.0-amazon-corretto CODEBUILD_SRC_DIR=/codebuild/output/src967/src/s3/00 CODEBUILD_PROJECT_UUID=c51d981e-1f94-44e4-8bc1-d73e0df0b028 CDK_NEW_BOOTSTRAP=1 CODEBUILD_AUTH_TOKEN=474f29b8-f5ed-4e74-9adb-bd9c85db3248 CODEBUILD_CONTAINER_NAME=default JAVA_11_HOME=/usr/lib/jvm/java-11-amazon-corretto CDK_METHOD=direct JDK_8_HOME=/usr/lib/jvm/java-1.8.0-amazon-corretto LOG4J_UNSAFE_VERSIONS=2.11.1 1.2.8 JAVA_HOME=/usr/lib/jvm/java-11-amazon-corretto PWD=/codebuild/output/src967/src/s3/00 CODEBUILD_FE_REPORT_ENDPOINT=https://codebuild.us-gov-west-1.amazonaws.com/ PYTHON_37_VERSION=3.7.13 PYTHON_38_VERSION=3.8.13 PYTHON_39_VERSION=3.9.12 JDK_11_HOME=/usr/lib/jvm/java-11-amazon-corretto CONFIG_COMMIT_ID=73c21fb66eb7494ccc31462b1b52daa162237e68 NUGET_XMLDOC_MODE=skip JDK_HOME=/usr/lib/jvm/java-11-amazon-corretto [Container] 2022/12/15 13:27:14 Running command cd source [Container] 2022/12/15 13:27:14 Running command cd packages/@aws-accelerator/accelerator [Container] 2022/12/15 13:27:14 Running command if [ -z "${ACCELERATOR_STAGE}" ]; then yarn run ts-node --transpile-only cdk.ts synth --require-approval never --config-dir $CODEBUILD_SRC_DIR_Config --partition aws-us-gov; fi yarn run v1.22.19 $ /codebuild/output/src967/src/s3/00/source/packages/@aws-accelerator/accelerator/node_modules/.bin/ts-node --transpile-only cdk.ts synth --require-approval never --config-dir /codebuild/output/src967/src/s3/01 --partition aws-us-gov [2022-12-15 13:27:15] - info: [toolkit] Executing cdk synth [2022-12-15 13:27:43] - info: [app] Begin Accelerator CDK App [2022-12-15 13:27:43] - debug: [prepare-stack] homeRegion: us-gov-west-1 [2022-12-15 13:27:44] - debug: [prepare-stack] CloudWatch Encryption Key [2022-12-15 13:27:44] - debug: [prepare-stack] Lambda Encryption Key [2022-12-15 13:27:44] - debug: [prepare-stack] Configuration assets creation [2022-12-15 13:27:44] - info: [prepare-stack] Load Config Table [2022-12-15 13:27:44] - info: [prepare-stack] Call create ou construct [2022-12-15 13:27:44] - info: [prepare-stack] Completed stack synthesis [2022-12-15 13:27:44] - debug: [finalize-stack] Region: us-gov-west-1 [2022-12-15 13:27:44] - debug: [finalize-stack] Retrieving CloudWatch kms key [2022-12-15 13:27:44] - info: [finalize-stack] Completed stack synthesis [2022-12-15 13:27:44] - debug: [accounts-stack] Region: us-gov-west-1 [2022-12-15 13:27:44] - info: [accounts-stack] Adding service control policy (AcceleratorGuardrails1) [2022-12-15 13:27:44] - info: [accounts-stack] Attaching service control policy (AcceleratorGuardrails1) to organizational unit (Infrastructure) [2022-12-15 13:27:44] - info: [accounts-stack] Adding service control policy (AcceleratorGuardrails2) [2022-12-15 13:27:44] - info: [accounts-stack] Attaching service control policy (AcceleratorGuardrails2) to organizational unit (Infrastructure) [2022-12-15 13:27:44] - info: [accounts-stack] Adding service control policy (Quarantine) [2022-12-15 13:27:44] - info: [accounts-stack] Adding service control policy (S3BucketEncryption) [2022-12-15 13:27:44] - info: [accounts-stack] Attaching service control policy (S3BucketEncryption) to organizational unit (Dev) [2022-12-15 13:27:44] - info: [accounts-stack] Adding service control policy (BlockInternetAccess) [2022-12-15 13:27:44] - info: [accounts-stack] Attaching service control policy (BlockInternetAccess) to organizational unit (Dev) [2022-12-15 13:27:44] - debug: [accounts-stack] Enable Service Access for access-analyzer.amazonaws.com [2022-12-15 13:27:44] - debug: [accounts-stack] Enable Service Access for securityhub.amazonaws.com [2022-12-15 13:27:44] - info: [accounts-stack] Completed stack synthesis [2022-12-15 13:27:44] - debug: [organizations-stack] homeRegion: us-gov-west-1 [2022-12-15 13:27:44] - debug: [organizations-stack] logging.cloudtrail.enable: true [2022-12-15 13:27:44] - debug: [organizations-stack] logging.cloudtrail.organizationTrail: true [2022-12-15 13:27:44] - info: [organizations-stack] Enable CloudTrail Service Access [2022-12-15 13:27:44] - info: [organizations-stack] Adding Organizations CloudTrail [2022-12-15 13:27:44] - debug: [organizations-stack] Enable Service Access for access-analyzer.amazonaws.com [2022-12-15 13:27:44] - debug: [organizations-stack] Starts SecurityHub admin account delegation to the account with email *****+24@gmail.com account in us-gov-west-1 region [2022-12-15 13:27:44] - debug: [organizations-stack] SecurityHub Admin Account ID is ***** [2022-12-15 13:27:44] - info: [organizations-stack] Completed stack synthesis [2022-12-15 13:27:44] - debug: [key-stack] Region: us-gov-west-1 [2022-12-15 13:27:44] - debug: [security-audit-stack] centralSecurityServices.macie.enable: false [2022-12-15 13:27:44] - debug: [security-audit-stack] centralSecurityServices.guardduty.enable: false [2022-12-15 13:27:44] - debug: [security-audit-stack] centralSecurityServices.auditManager?.enable: undefined [2022-12-15 13:27:44] - debug: [security-audit-stack] centralSecurityServices.detective?.enable: undefined [2022-12-15 13:27:44] - debug: [security-audit-stack] centralSecurityServices.securityHub.enable: true [2022-12-15 13:27:44] - info: [security-audit-stack] Adding SecurityHub [2022-12-15 13:27:44] - debug: [security-audit-stack] centralSecurityServices.securityHub.regionAggregation: true [2022-12-15 13:27:44] - info: [security-audit-stack] Enabling region aggregation for SecurityHub in the Home Region [2022-12-15 13:27:44] - info: [security-audit-stack] Adding SSM Automation Docs [2022-12-15 13:27:44] - debug: [security-audit-stack] accessAnalyzer.enable: true [2022-12-15 13:27:44] - info: [security-audit-stack] Adding IAM Access Analyzer [2022-12-15 13:27:44] - info: [security-audit-stack] Create SNS Topics and Subscriptions [2022-12-15 13:27:44] - info: [security-audit-stack] Create SNS Topic: High [2022-12-15 13:27:44] - info: [security-audit-stack] Create SNS Subscription: ***** [2022-12-15 13:27:44] - info: [security-audit-stack] Create SNS Topic: Medium [2022-12-15 13:27:44] - info: [security-audit-stack] Create SNS Subscription: ***** [2022-12-15 13:27:44] - info: [security-audit-stack] Create SNS Topic: Low [2022-12-15 13:27:44] - info: [security-audit-stack] Create SNS Subscription: ***** [2022-12-15 13:27:44] - info: [security-audit-stack] CloudTrail Logging S3 Bucket [2022-12-15 13:27:44] - info: [security-audit-stack] Completed stack synthesis [2022-12-15 13:27:44] - info: [accelerator-bootstrap] Creating bucket for region us-gov-west-1 in account ***** [2022-12-15 13:27:44] - debug: [logging-stack] Logging stack started for account ***** and region us-gov-west-1 [2022-12-15 13:27:44] - debug: [Logging-stack] Create S3 Key [2022-12-15 13:27:44] - debug: [logging-stack] Stack synthesis complete [2022-12-15 13:27:44] - info: [security-stack] Setting the IAM Password policy [2022-12-15 13:27:44] - info: [security-stack] Completed stack synthesis [2022-12-15 13:27:44] - info: [operations-stack] Item excluded [2022-12-15 13:27:44] - info: [operations-stack] Completed stack synthesis [2022-12-15 13:27:44] - info: [network-prep-stack] Completed stack synthesis [2022-12-15 13:27:44] - info: [security-resources-stack] Evaluating AWS Config rule sets [2022-12-15 13:27:44] - debug: [logging-stack] In Configure Account CloudTrails [2022-12-15 13:27:44] - info: [logging-stack] Adding Account CloudTrail AWSAccelerator-CloudTrail-aws-accelerator-cloudtrail-logs [2022-12-15 13:27:44] - info: [accelerator-stack] Management account explicitly included [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch metric filter RootAccountMetricFilter [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch metric filter UnauthorizedAPICallsMetricFilter [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch metric filter ConsoleSigninWithoutMFAMetricFilter [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch metric filter MetricFilter [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch metric filter IAMPolicyChangesMetricFilter [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch metric filter CloudTrailChangesMetricFilter [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch metric filter ConsoleAuthenticationFailureMetricFilter [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch metric filter DisableOrDeleteCMKMetricFilter [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch metric filter S3BucketPolicyChangesMetricFilter [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch metric filter AWSConfigChangesMetricFilter [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch metric filter SecurityGroupChangesMetricFilter [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch metric filter NetworkACLChangesMetricFilter [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch metric filter NetworkGatewayChangesMetricFilter [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch metric filter RouteTableChangesMetricFilter [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch metric filter VPCChangesMetricFilter [2022-12-15 13:27:44] - info: [accelerator-stack] Management account explicitly included [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch alarm CIS-1.1-RootAccountUsage [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch alarm CIS-3.1-UnauthorizedAPICalls [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch alarm CIS-3.2-ConsoleSigninWithoutMFA [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch alarm CIS-3.3-RootAccountUsage [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch alarm CIS-3.4-IAMPolicyChanges [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch alarm CIS-3.5-CloudTrailChanges [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch alarm CIS-3.6-ConsoleAuthenticationFailure [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch alarm CIS-3.7-DisableOrDeleteCMK [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch alarm CIS-3.8-S3BucketPolicyChanges. [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch alarm CIS-3.9-AWSConfigChanges [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch alarm CIS-3.10-SecurityGroupChanges [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch alarm CIS-3.11-NetworkACLChanges [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch alarm CIS-3.12-NetworkGatewayChanges [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch alarm CIS-3.13-RouteTableChanges [2022-12-15 13:27:44] - info: [security-resources-stack] Creating CloudWatch alarm CIS-3.14-VPCChanges [2022-12-15 13:27:44] - info: [security-resources-stack] Creating Session Manager Logging Resources [2022-12-15 13:27:44] - debug: Stack: AWSAccelerator-SecurityResourcesStack-*****-us-gov-west-1 [2022-12-15 13:27:44] - info: [security-resources-stack] Completed stack synthesis [2022-12-15 13:27:44] - info: [network-vpc-stack] Add DeleteDefaultVpc [2022-12-15 13:27:44] - info: [network-vpc-stack] Completed stack synthesis [2022-12-15 13:27:44] - info: [network-vpc-endpoints-stack] Completed stack synthesis [2022-12-15 13:27:44] - info: [network-vpc-dns-stack] Completed stack synthesis [2022-12-15 13:27:44] - info: [network-associations-stack] Completed stack synthesis [2022-12-15 13:27:44] - info: [network-associations-gwlb-stack] Completed stack synthesis [2022-12-15 13:27:44] - debug: [logging-stack] Logging stack started for account ***** and region us-gov-west-1 [2022-12-15 13:27:44] - debug: [Logging-stack] Create S3 Key [2022-12-15 13:27:44] - debug: [logging-stack] Stack synthesis complete [2022-12-15 13:27:44] - info: [security-stack] Setting the IAM Password policy [2022-12-15 13:27:44] - info: [security-stack] Completed stack synthesis [2022-12-15 13:27:44] - info: [operations-stack] Item excluded [2022-12-15 13:27:44] - info: [operations-stack] Completed stack synthesis [2022-12-15 13:27:44] - info: [network-prep-stack] Completed stack synthesis [2022-12-15 13:27:44] - info: [security-resources-stack] Evaluating AWS Config rule sets [2022-12-15 13:27:44] - debug: [logging-stack] In Configure Account CloudTrails [2022-12-15 13:27:44] - info: [logging-stack] Adding Account CloudTrail AWSAccelerator-CloudTrail-aws-accelerator-cloudtrail-logs [2022-12-15 13:27:44] - info: [security-resources-stack] Item excluded [2022-12-15 13:27:44] - info: [security-resources-stack] Item excluded [2022-12-15 13:27:44] - info: [security-resources-stack] Creating Session Manager Logging Resources [2022-12-15 13:27:44] - debug: Stack: AWSAccelerator-SecurityResourcesStack-*****-us-gov-west-1 [2022-12-15 13:27:44] - info: [security-resources-stack] Completed stack synthesis [2022-12-15 13:27:44] - info: [network-vpc-stack] Add DeleteDefaultVpc [2022-12-15 13:27:44] - info: [network-vpc-stack] Completed stack synthesis [2022-12-15 13:27:44] - info: [network-vpc-endpoints-stack] Completed stack synthesis [2022-12-15 13:27:44] - info: [network-vpc-dns-stack] Completed stack synthesis [2022-12-15 13:27:44] - info: [network-associations-stack] Completed stack synthesis [2022-12-15 13:27:44] - info: [network-associations-gwlb-stack] Completed stack synthesis [2022-12-15 13:27:44] - debug: [logging-stack] Logging stack started for account ***** and region us-gov-west-1 [2022-12-15 13:27:44] - debug: [key-stack] Create S3 Key [2022-12-15 13:27:45] - debug: [logging-stack] Stack synthesis complete [2022-12-15 13:27:45] - info: [security-stack] Setting the IAM Password policy [2022-12-15 13:27:45] - info: [security-stack] Completed stack synthesis [2022-12-15 13:27:45] - info: [operations-stack] Item excluded [2022-12-15 13:27:45] - info: [operations-stack] Completed stack synthesis [2022-12-15 13:27:45] - info: [network-prep-stack] Completed stack synthesis [2022-12-15 13:27:45] - info: [security-resources-stack] Evaluating AWS Config rule sets [2022-12-15 13:27:45] - debug: [logging-stack] In Configure Account CloudTrails [2022-12-15 13:27:45] - info: [logging-stack] Adding Account CloudTrail AWSAccelerator-CloudTrail-aws-accelerator-cloudtrail-logs [2022-12-15 13:27:45] - info: [security-resources-stack] Item excluded [2022-12-15 13:27:45] - info: [security-resources-stack] Item excluded [2022-12-15 13:27:45] - info: [security-resources-stack] Creating Session Manager Logging Resources [2022-12-15 13:27:45] - debug: Stack: AWSAccelerator-SecurityResourcesStack-*****-us-gov-west-1 [2022-12-15 13:27:45] - info: [security-resources-stack] Completed stack synthesis [2022-12-15 13:27:45] - info: [network-vpc-stack] Add DeleteDefaultVpc [2022-12-15 13:27:45] - info: [network-vpc-stack] Completed stack synthesis [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Completed stack synthesis [2022-12-15 13:27:45] - info: [network-vpc-dns-stack] Completed stack synthesis [2022-12-15 13:27:45] - info: [network-associations-stack] Completed stack synthesis [2022-12-15 13:27:45] - info: [network-associations-gwlb-stack] Completed stack synthesis [2022-12-15 13:27:45] - debug: [logging-stack] Logging stack started for account ***** and region us-gov-west-1 [2022-12-15 13:27:45] - debug: [Logging-stack] Create S3 Key [2022-12-15 13:27:45] - info: [Logging-stack] Create S3 bucket for VPC flow logs destination [2022-12-15 13:27:45] - debug: [logging-stack] Stack synthesis complete [2022-12-15 13:27:45] - info: [security-stack] Setting the IAM Password policy [2022-12-15 13:27:45] - info: [security-stack] Completed stack synthesis [2022-12-15 13:27:45] - info: [operations-stack] Item excluded [2022-12-15 13:27:45] - info: [operations-stack] Completed stack synthesis [2022-12-15 13:27:45] - info: [network-prep-stack] Completed stack synthesis [2022-12-15 13:27:45] - info: [security-resources-stack] Evaluating AWS Config rule sets [2022-12-15 13:27:45] - debug: [logging-stack] In Configure Account CloudTrails [2022-12-15 13:27:45] - info: [logging-stack] Adding Account CloudTrail AWSAccelerator-CloudTrail-aws-accelerator-cloudtrail-logs [2022-12-15 13:27:45] - info: [security-resources-stack] Item excluded [2022-12-15 13:27:45] - info: [security-resources-stack] Item excluded [2022-12-15 13:27:45] - info: [security-resources-stack] Creating Session Manager Logging Resources [2022-12-15 13:27:45] - debug: Stack: AWSAccelerator-SecurityResourcesStack-*****-us-gov-west-1 [2022-12-15 13:27:45] - info: [security-resources-stack] Completed stack synthesis [2022-12-15 13:27:45] - info: [network-vpc-stack] Add DeleteDefaultVpc [2022-12-15 13:27:45] - info: [network-vpc-stack] Evaluating Transit Gateway key Core-Network [2022-12-15 13:27:45] - info: [network-vpc-stack] Transit Gateway key Core-Network is not in map, add resources to look up ${Token[TOKEN.4456]} [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding [Core-Network]: ${Token[TOKEN.4471]} to transitGatewayIds Map [2022-12-15 13:27:45] - info: [network-vpc-stack] Evaluating Transit Gateway key Core-Network [2022-12-15 13:27:45] - info: [network-vpc-stack] Transit Gateway Core-Network already in dictionary [2022-12-15 13:27:45] - info: [network-vpc-stack] Create IAM Cross Account Access Role [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding VPC Shared-Network [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding subnet Shared-Network-A [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding subnet Shared-Network-B [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding subnet Shared-NetworkTgwAttach-A [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding subnet Shared-NetworkTgwAttach-B [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding Transit Gateway Attachment for Core-Network [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding rules to inbound_web_access [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding Security Group inbound_web_access [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding VPC Shared-Network-EKS [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding subnet Shared-Network-EKS-A [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding subnet Shared-Network-EKS-B [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding subnet Shared-Network-EKSTgwAttach-A [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding subnet Shared-Network-EKSTgwAttach-B [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding Transit Gateway Attachment for Core-Network [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding rules to inbound_web_access [2022-12-15 13:27:45] - info: [network-vpc-stack] Adding Security Group inbound_web_access [2022-12-15 13:27:45] - info: [network-vpc-stack] Completed stack synthesis [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for ec2 [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Interface endpoints: adding ingress cidr 0.0.0.0/0 TCP:443 [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Adding Security Group to VPC Shared-Network for interface endpoints -- https traffic [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint ec2 [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for ec2messages [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint ec2messages [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for ssm [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint ssm [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for ssmmessages [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint ssmmessages [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for kms [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint kms [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for logs [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint logs [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for elasticfilesystem [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint elasticfilesystem [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for elasticfilesystem-fips [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint elasticfilesystem-fips [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for ec2 [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Interface endpoints: adding ingress cidr 0.0.0.0/0 TCP:443 [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Adding Security Group to VPC Shared-Network-EKS for interface endpoints -- https traffic [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint ec2 [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for ec2messages [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint ec2messages [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for ssm [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint ssm [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for ssmmessages [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint ssmmessages [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for kms [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint kms [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for logs [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint logs [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for elasticfilesystem [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint elasticfilesystem [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for elasticfilesystem-fips [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint elasticfilesystem-fips [2022-12-15 13:27:45] - info: [network-vpc-endpoints-stack] Completed stack synthesis [2022-12-15 13:27:45] - info: [network-vpc-dns-stack] Completed stack synthesis [2022-12-15 13:27:45] - info: [network-associations-stack] Completed stack synthesis [2022-12-15 13:27:45] - info: [network-associations-gwlb-stack] Completed stack synthesis [2022-12-15 13:27:45] - debug: [logging-stack] Logging stack started for account ***** and region us-gov-west-1 [2022-12-15 13:27:45] - debug: [Logging-stack] Create S3 Key [2022-12-15 13:27:45] - info: [Logging-stack] Create S3 bucket for VPC flow logs destination [2022-12-15 13:27:45] - debug: [logging-stack] Stack synthesis complete [2022-12-15 13:27:45] - info: [security-stack] Setting the IAM Password policy [2022-12-15 13:27:45] - info: [security-stack] Completed stack synthesis [2022-12-15 13:27:45] - info: [operations-stack] Item excluded [2022-12-15 13:27:45] - info: [operations-stack] Completed stack synthesis [2022-12-15 13:27:45] - info: [network-prep-stack] Add Transit Gateway Core-Network [2022-12-15 13:27:45] - info: [network-prep-stack] Add Transit Gateway Route Tables Core-Network-Internet [2022-12-15 13:27:45] - info: [network-prep-stack] Add Transit Gateway Route Tables Core-Network-Inspection [2022-12-15 13:27:45] - info: [network-prep-stack] Share transit gateway [2022-12-15 13:27:45] - info: Share Core-Network_TransitGatewayShare with Organizational Unit Infrastructure: arn:aws-us-gov:organizations::*****:ou/o-hssiszoenm/ou-ljpn-vmir7yjp [2022-12-15 13:27:45] - info: Share Core-Network_TransitGatewayShare with Organizational Unit Dev: arn:aws-us-gov:organizations::*****:ou/o-hssiszoenm/ou-ljpn-6cddearz [2022-12-15 13:27:45] - info: [network-prep-stack] Create network firewall rule group explicit-deny-temp [2022-12-15 13:27:45] - info: [network-prep-stack] Create network firewall rule group workload-to-shared-services [2022-12-15 13:27:45] - info: [network-prep-stack] Create network firewall policy accelerator-policy [2022-12-15 13:27:45] - info: [network-prep-stack] Share Network Firewall policy accelerator-policy [2022-12-15 13:27:45] - info: Share accelerator-policy_NetworkFirewallPolicyShare with Organizational Unit Infrastructure: arn:aws-us-gov:organizations::*****:ou/o-hssiszoenm/ou-ljpn-vmir7yjp [2022-12-15 13:27:45] - info: [network-prep-stack] Create network firewall policy firewall-policy [2022-12-15 13:27:45] - info: [network-prep-stack] Share Network Firewall policy firewall-policy [2022-12-15 13:27:45] - info: Share firewall-policy_NetworkFirewallPolicyShare with Organizational Unit Infrastructure: arn:aws-us-gov:organizations::*****:ou/o-hssiszoenm/ou-ljpn-vmir7yjp [2022-12-15 13:27:45] - info: [network-prep-stack] Completed stack synthesis [2022-12-15 13:27:46] - info: [security-resources-stack] Evaluating AWS Config rule sets [2022-12-15 13:27:46] - debug: [logging-stack] In Configure Account CloudTrails [2022-12-15 13:27:46] - info: [logging-stack] Adding Account CloudTrail AWSAccelerator-CloudTrail-aws-accelerator-cloudtrail-logs [2022-12-15 13:27:46] - info: [security-resources-stack] Item excluded [2022-12-15 13:27:46] - info: [security-resources-stack] Item excluded [2022-12-15 13:27:46] - info: [security-resources-stack] Creating Session Manager Logging Resources [2022-12-15 13:27:46] - debug: Stack: AWSAccelerator-SecurityResourcesStack-*****-us-gov-west-1 [2022-12-15 13:27:46] - info: [security-resources-stack] Completed stack synthesis [2022-12-15 13:27:46] - info: [network-vpc-stack] Add DeleteDefaultVpc [2022-12-15 13:27:46] - info: [network-vpc-stack] Evaluating Transit Gateway key Core-Network [2022-12-15 13:27:46] - info: [network-vpc-stack] Transit Gateway key Core-Network is not in map, add resources to look up [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding [Core-Network]: ${Token[TOKEN.6316]} to transitGatewayIds Map [2022-12-15 13:27:46] - info: [network-vpc-stack] Evaluating Transit Gateway key Core-Network [2022-12-15 13:27:46] - info: [network-vpc-stack] Transit Gateway Core-Network already in dictionary [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding VPC Centralized-Egress [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding subnet Network-EgressTgw-A [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding subnet Network-EgressTgw-B [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding subnet Network-EgressPublic-A [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding subnet Network-EgressPublic-B [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding NAT Gateway nat-a [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding NAT Gateway nat-b [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding Transit Gateway Attachment for Core-Network [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRouteCore [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding Internet Gateway Route Table Entry Internet [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRouteCore [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding Internet Gateway Route Table Entry Internet [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding NAT Gateway Route Table Entry NatRoute [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding NAT Gateway Route Table Entry NatRoute [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding VPC Network-Inspection [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding subnet Network-InspectionTgw-A [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding subnet Network-InspectionTgw-B [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding subnet Network-Inspection-Firewall-A [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding subnet Network-Inspection-Firewall-B [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding Transit Gateway Attachment for Core-Network [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:46] - info: [network-vpc-stack] Completed stack synthesis [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Add Network Firewall core-network-firewall to VPC Network-Inspection [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Add S3 ALERT logs for Network Firewall core-network-firewall [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Add CloudWatch FLOW logs for Network Firewall core-network-firewall [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Adding Network Firewall Route Table Entry NfwRoute [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Adding Network Firewall Route Table Entry NfwRoute [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Completed stack synthesis [2022-12-15 13:27:46] - info: [network-vpc-dns-stack] Completed stack synthesis [2022-12-15 13:27:46] - info: [network-associations-stack] Update route tables for attachment Network-Egress from local account ***** [2022-12-15 13:27:46] - info: [network-associations-stack] Update route tables for attachment Network-Inspection from local account ***** [2022-12-15 13:27:46] - info: [network-associations-stack] Update route tables for attachment Shared-Network from external account ***** [2022-12-15 13:27:46] - info: [network-associations-stack] Update route tables for attachment Shared-Network-EKS from external account ***** [2022-12-15 13:27:46] - info: [network-associations-stack] Update route tables for attachment NCCT-Dev from external account ***** [2022-12-15 13:27:46] - info: [network-associations-stack] Update route tables for attachment Atlassian from external account ***** [2022-12-15 13:27:46] - info: [network-associations-stack] Update route tables for attachment NCCT-Dev-EKS from external account ***** [2022-12-15 13:27:46] - info: [network-associations-stack] Adding route 0.0.0.0/0 to TGW route table Core-Network-Internet for TGW Core-Network in account: Network [2022-12-15 13:27:46] - info: [network-associations-stack] Adding route 0.0.0.0/0 to TGW route table Core-Network-Inspection for TGW Core-Network in account: Network [2022-12-15 13:27:46] - info: [network-associations-stack] Completed stack synthesis [2022-12-15 13:27:46] - info: [network-associations-gwlb-stack] Completed stack synthesis [2022-12-15 13:27:46] - debug: [logging-stack] Logging stack started for account ***** and region us-gov-west-1 [2022-12-15 13:27:46] - debug: [Logging-stack] Create S3 Key [2022-12-15 13:27:46] - info: [Logging-stack] Create S3 bucket for VPC flow logs destination [2022-12-15 13:27:46] - debug: [logging-stack] Stack synthesis complete [2022-12-15 13:27:46] - info: [security-stack] Setting the IAM Password policy [2022-12-15 13:27:46] - info: [security-stack] Completed stack synthesis [2022-12-15 13:27:46] - info: [accelerator-stack] NCCTDev account explicitly included [2022-12-15 13:27:46] - info: [operations-stack] Add role eksRole [2022-12-15 13:27:46] - info: [operations-stack] Role - assumed by type(service) principal(eks.amazonaws.com) [2022-12-15 13:27:46] - info: [operations-stack] Role - aws managed policy AmazonEKSClusterPolicy [2022-12-15 13:27:46] - info: [operations-stack] Add role eksNodeRole-temp [2022-12-15 13:27:46] - info: [operations-stack] Role - assumed by type(service) principal(ec2.amazonaws.com) [2022-12-15 13:27:46] - info: [operations-stack] Role - aws managed policy AmazonEKSWorkerNodePolicy [2022-12-15 13:27:46] - info: [operations-stack] Role - aws managed policy AmazonEKS_CNI_Policy [2022-12-15 13:27:46] - info: [operations-stack] Role - aws managed policy AmazonS3FullAccess [2022-12-15 13:27:46] - info: [operations-stack] Role - aws managed policy AmazonEC2ContainerRegistryReadOnly [2022-12-15 13:27:46] - info: [operations-stack] Role - customer managed policy arn:aws-us-gov:iam::*****:policy/AWSAccelerator-SessionManagerLogging-us-gov-west-2 [2022-12-15 13:27:46] - info: [operations-stack] Role - customer managed policy arn:aws-us-gov:iam::*****:policy/AWSAccelerator-SessionManagerUserKMS-us-gov-west-1 [2022-12-15 13:27:46] - info: [operations-stack] Completed stack synthesis [2022-12-15 13:27:46] - info: [network-prep-stack] Completed stack synthesis [2022-12-15 13:27:46] - info: [security-resources-stack] Evaluating AWS Config rule sets [2022-12-15 13:27:46] - debug: [logging-stack] In Configure Account CloudTrails [2022-12-15 13:27:46] - info: [logging-stack] Adding Account CloudTrail AWSAccelerator-CloudTrail-aws-accelerator-cloudtrail-logs [2022-12-15 13:27:46] - info: [security-resources-stack] Item excluded [2022-12-15 13:27:46] - info: [security-resources-stack] Item excluded [2022-12-15 13:27:46] - info: [security-resources-stack] Creating Session Manager Logging Resources [2022-12-15 13:27:46] - debug: Stack: AWSAccelerator-SecurityResourcesStack-*****-us-gov-west-1 [2022-12-15 13:27:46] - info: [security-resources-stack] Completed stack synthesis [2022-12-15 13:27:46] - info: [network-vpc-stack] Add DeleteDefaultVpc [2022-12-15 13:27:46] - info: [network-vpc-stack] Evaluating Transit Gateway key Core-Network [2022-12-15 13:27:46] - info: [network-vpc-stack] Transit Gateway key Core-Network is not in map, add resources to look up ${Token[TOKEN.7771]} [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding [Core-Network]: ${Token[TOKEN.7786]} to transitGatewayIds Map [2022-12-15 13:27:46] - info: [network-vpc-stack] Evaluating Transit Gateway key Core-Network [2022-12-15 13:27:46] - info: [network-vpc-stack] Transit Gateway Core-Network already in dictionary [2022-12-15 13:27:46] - info: [network-vpc-stack] Create IAM Cross Account Access Role [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding VPC NCCT-Dev [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding subnet NCCT-DevTgwAttach-A [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding subnet NCCT-DevTgwAttach-B [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding subnet NCCT-Dev-A [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding subnet NCCT-Dev-B [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding Transit Gateway Attachment for Core-Network [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding VPC NCCT-Dev-EKS [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding subnet NCCT-Dev-EKSTgwAttach-A [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding subnet NCCT-Dev-EKSTgwAttach-B [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding subnet NCCT-Dev-EKS-A [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding subnet NCCT-Dev-EKS-B [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding Transit Gateway Attachment for Core-Network [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:46] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:46] - info: [network-vpc-stack] Completed stack synthesis [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for ec2 [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Interface endpoints: adding ingress cidr 0.0.0.0/0 TCP:443 [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Adding Security Group to VPC NCCT-Dev for interface endpoints -- https traffic [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint ec2 [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for ec2messages [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint ec2messages [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for ssm [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint ssm [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for ssmmessages [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint ssmmessages [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for kms [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint kms [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for logs [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint logs [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for elasticfilesystem [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint elasticfilesystem [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for elasticfilesystem-fips [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint elasticfilesystem-fips [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for ec2 [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Interface endpoints: adding ingress cidr 0.0.0.0/0 TCP:443 [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Adding Security Group to VPC NCCT-Dev-EKS for interface endpoints -- https traffic [2022-12-15 13:27:46] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint ec2 [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for ec2messages [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint ec2messages [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for ssm [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint ssm [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for ssmmessages [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint ssmmessages [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for kms [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint kms [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for logs [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint logs [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Completed stack synthesis [2022-12-15 13:27:47] - info: [network-vpc-dns-stack] Completed stack synthesis [2022-12-15 13:27:47] - info: [network-associations-stack] Completed stack synthesis [2022-12-15 13:27:47] - info: [network-associations-gwlb-stack] Completed stack synthesis [2022-12-15 13:27:47] - debug: [logging-stack] Logging stack started for account ***** and region us-gov-west-1 [2022-12-15 13:27:47] - debug: [Logging-stack] Create S3 Key [2022-12-15 13:27:47] - info: [Logging-stack] Create S3 bucket for VPC flow logs destination [2022-12-15 13:27:47] - debug: [logging-stack] Stack synthesis complete [2022-12-15 13:27:47] - info: [security-stack] Setting the IAM Password policy [2022-12-15 13:27:47] - info: [security-stack] Completed stack synthesis [2022-12-15 13:27:47] - info: [operations-stack] Item excluded [2022-12-15 13:27:47] - info: [operations-stack] Completed stack synthesis [2022-12-15 13:27:47] - info: [network-prep-stack] Completed stack synthesis [2022-12-15 13:27:47] - info: [security-resources-stack] Evaluating AWS Config rule sets [2022-12-15 13:27:47] - debug: [logging-stack] In Configure Account CloudTrails [2022-12-15 13:27:47] - info: [logging-stack] Adding Account CloudTrail AWSAccelerator-CloudTrail-aws-accelerator-cloudtrail-logs [2022-12-15 13:27:47] - info: [security-resources-stack] Item excluded [2022-12-15 13:27:47] - info: [security-resources-stack] Item excluded [2022-12-15 13:27:47] - info: [security-resources-stack] Creating Session Manager Logging Resources [2022-12-15 13:27:47] - debug: Stack: AWSAccelerator-SecurityResourcesStack-*****-us-gov-west-1 [2022-12-15 13:27:47] - info: [security-resources-stack] Completed stack synthesis [2022-12-15 13:27:47] - info: [network-vpc-stack] Add DeleteDefaultVpc [2022-12-15 13:27:47] - info: [network-vpc-stack] Evaluating Transit Gateway key Core-Network [2022-12-15 13:27:47] - info: [network-vpc-stack] Transit Gateway key Core-Network is not in map, add resources to look up ${Token[TOKEN.9487]} [2022-12-15 13:27:47] - info: [network-vpc-stack] Adding [Core-Network]: ${Token[TOKEN.9502]} to transitGatewayIds Map [2022-12-15 13:27:47] - info: [network-vpc-stack] Create IAM Cross Account Access Role [2022-12-15 13:27:47] - info: [network-vpc-stack] Adding VPC Atlassian [2022-12-15 13:27:47] - info: [network-vpc-stack] Adding subnet AtlassianTgwAttach-A [2022-12-15 13:27:47] - info: [network-vpc-stack] Adding subnet AtlassianTgwAttach-B [2022-12-15 13:27:47] - info: [network-vpc-stack] Adding subnet Atlassian-A [2022-12-15 13:27:47] - info: [network-vpc-stack] Adding subnet Atlassian-B [2022-12-15 13:27:47] - info: [network-vpc-stack] Adding Transit Gateway Attachment for Core-Network [2022-12-15 13:27:47] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:47] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:47] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:47] - info: [network-vpc-stack] Adding Transit Gateway Route Table Entry TgwRoute [2022-12-15 13:27:47] - info: [network-vpc-stack] Completed stack synthesis [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for ec2 [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Interface endpoints: adding ingress cidr 0.0.0.0/0 TCP:443 [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Adding Security Group to VPC Atlassian for interface endpoints -- https traffic [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint ec2 [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for ec2messages [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint ec2messages [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for ssm [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint ssm [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for ssmmessages [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint ssmmessages [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for kms [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint kms [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for logs [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint logs [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for ecr.api [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint ecr.api [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for ecr.dkr [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint ecr.dkr [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for sts [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint sts [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for elasticfilesystem [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint elasticfilesystem [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Adding Interface Endpoint for elasticfilesystem-fips [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Add default endpoint policy for interface endpoint elasticfilesystem-fips [2022-12-15 13:27:47] - info: [network-vpc-endpoints-stack] Completed stack synthesis [2022-12-15 13:27:47] - info: [network-vpc-dns-stack] Completed stack synthesis [2022-12-15 13:27:47] - info: [network-associations-stack] Completed stack synthesis [2022-12-15 13:27:47] - info: [network-associations-gwlb-stack] Completed stack synthesis [2022-12-15 13:27:47] - info: [app] End Accelerator CDK App Subprocess exited with error 1 error Command failed with exit code 1. info Visit https://yarnpkg.com/en/docs/cli/run for documentation about this command. [Container] 2022/12/15 13:27:51 Command did not exit successfully if [ -z "${ACCELERATOR_STAGE}" ]; then yarn run ts-node --transpile-only cdk.ts synth --require-approval never --config-dir $CODEBUILD_SRC_DIR_Config --partition aws-us-gov; fi exit status 1 [Container] 2022/12/15 13:27:51 Phase complete: BUILD State: FAILED [Container] 2022/12/15 13:27:51 Phase context status code: COMMAND_EXECUTION_ERROR Message: Error while executing command: if [ -z "${ACCELERATOR_STAGE}" ]; then yarn run ts-node --transpile-only cdk.ts synth --require-approval never --config-dir $CODEBUILD_SRC_DIR_Config --partition aws-us-gov; fi. Reason: exit status 1 [Container] 2022/12/15 13:27:51 Entering phase POST_BUILD [Container] 2022/12/15 13:27:51 Phase complete: POST_BUILD State: SUCCEEDED [Container] 2022/12/15 13:27:51 Phase context status code: Message: