Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Multiple Account Vending Support within ServiceCatalogPuppet Deploy #626

Open
pspanwar opened this issue Jan 24, 2023 · 0 comments
Open

Multiple Account Vending Support within ServiceCatalogPuppet Deploy #626

pspanwar opened this issue Jan 24, 2023 · 0 comments

Comments

@pspanwar
Copy link

pspanwar commented Jan 24, 2023
edited
Loading

Is your feature request related to a problem? Please describe.
With the support of concurrent account operation[max 5] withing ControlTower, customers can vend multiple accounts at the same time. Though CT now supports this it would be great if the ServiceCatalog Tool also support this.

Describe the solution you'd like
Currently as a part of account vending using ServiceCatlog --> stepfunction[account-vending-state-machine], When we trigger multiple account vending operations:

  • Multiple state machine executions started.
  • All executions pass successfully till SingleAccountRun[CodeBuild]
  • First account vending execution trigger the [servicecatalog-puppet-pipeline] and succeed but rest other fails due to timeouts and deadlock in AWS puppet pipeline(no concurrent support) [please do note few of them may pass depending on the time of first execution completion]

Though the code build project name[SingleAccountRun] itself suggests that its meant for single account run and expected to behave this way hence raising this feature request if we can create another one which supports multiple accounts run too.

Below are the option that we would see here but more than happy in case any other option if available or proposed which suffice this need with minimal impact and changes:

  1. Change the catalog product[account-vending-with-aws-control-tower] with associated lambda's and state machine to support parallel account runs within single state machine. User has to pass comma separated details for multiple fields + Further puppet related changes to support multiple account run with parameterised support for new attribute as multiple account list.

  2. No change in catalog product but only to the statemachine[account-vending-state-machine] to call the specific builds that being executed as part of pipeline[servicecatalog-puppet-pipeline]. This requires disable/enable of source polling in pipeline[servicecatalog-puppet-pipeline] to avoid any run by puppet configuration changes during this time.

Describe alternatives you've considered
More inclined to option-1 if support for multiple account run is available within SCT in parallel to single account run.

Additional context
https://aws.amazon.com/about-aws/whats-new/2022/12/aws-control-tower-concurrent-account-provisioning-operations/
@pspanwar pspanwar changed the title Vend Multiple Account Support within ServiceCatalogPuppet Deploy Multiple Account Vending Support within ServiceCatalogPuppet Deploy Jan 24, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@pspanwar