This site is in read only mode. Please continue to browse, but replying, likes, and other actions are disabled for now.

⚠️ We've moved!

Hi there!

To reduce project dependency on 3rd party paid services the StackStorm TSC has decided to move the Q/A from this forum to Github Discussions. This will make user experience better integrated with the native Github flow, as well as the questions closer to the community where they can provide answers.

Use 🔗 Github Discussions to ask your questions.

Unable to run https://github.com/StackStorm-Exchange/stackstorm-aws/blob/master/actions/ssm_start_automation_execution.yaml

Getting below error when trying to run [aws.ssm_start_automation_execution]
in cross account reference, the programmatic account has all the access
st2.actions.python.ActionManager: ERROR Could not find the role referring xxxxxxxx3352 account in the config file. Please, introduce it in ‘aws.yaml’ file.
Traceback (most recent call last):
File “/opt/stackstorm/st2/lib/python3.6/site-packages/python_runner/python_action_wrapper.py”, line 333, in
obj.run()
File “/opt/stackstorm/st2/lib/python3.6/site-packages/python_runner/python_action_wrapper.py”, line 192, in run
output = action.run(**self._parameters)
File “/opt/stackstorm/packs/aws/actions/run.py”, line 36, in run
return self.do_method(module_path, cls, aws_action, **kwargs)
File “/opt/stackstorm/packs/aws/actions/lib/action.py”, line 183, in do_method
self.assume_role(account_id)
File “/opt/stackstorm/packs/aws/actions/lib/action.py”, line 81, in assume_role
RoleArn=self.cross_roles[account_id],
KeyError: ‘xxxxxxxx3352’

Not looked in detail at the code, but it looks like its complaining that the action is configured with the account_id parameter of xxxxxxx3352. But this is an index into the pack’s config.

Have you got xxxx352 in the pack’s config (/opt/stackstorm/configs/aws.yaml) , see stackstorm-aws/aws.yaml.example at master · StackStorm-Exchange/stackstorm-aws · GitHub for an example of setting the roles?

If you have, did you instruct StackStorm to reload the config after it was updated?

It looks like it’s a problem of not being able to find the account_id that is referenced in the account in the pack config.

If other action’s in your setup work with that account_id, then it might be a problem with the action itself, but looking at that error it looks like it’s config.