Important
We highly recommend that you keep your environments up to date by upgrading to the latest version. To upgrade your environments to this version, use the CloudFormation console to update your AWSAccelerator-Installer stack using the latest installer template and ensure that that you set Branch Name to the latest version (release/v1.4.2 for this release). See Update the solution for more information.
Upgrading from version 1.4.x to 1.4.2
For users with shared VPC subnets configured, if you are encountering an SSM parameter validation error during the Network_Associations stage, use the following update procedure:
- Determine the parameters that are needed in the share target accounts by reviewing the CloudWatch logs for the Lambda function that is prefixed with
AWSAccelerator-NetworkVpc-CustomSsmPutParameterVal-in the account that owns the shared VPC. - Manually create the parameters in any accounts that are failing SSM parameter validation.
- Re-run the core pipeline
- After upgrading to 1.4.2, this process will not be required for newly-enrolled accounts in the share target OUs.
Fixed
- fix(ssm): PutSsmParameters custom resource ignores new accounts
- chore(organizations): moved getOrganizationId to organizations-config
- fix(iam): service linked roles fail to create in multi-region deployment
- fix(validation): TGW route validation fails when prefixList deployment targets do not have excluded regions
- fix(validation): incorrectly configured security delegated admin account isn’t caught by validation
- fix(docs): README indicates S3 server access logs are replicated to central logs bucket