Description
Describe the bug
The SRA Common Solution is not correctly detecting my Control Tower home region. My Control Tower home region is eu-west-2, but the solution incorrectly defaults to eu-west-1, causing the deployment to fail with the following error:
[ERROR] ValueError: See the details in CloudWatch Log Stream: '/aws/lambda/sra-management-account-parameters'
Error Message: An error occurred (StackSetNotFoundException) when calling the DescribeStackSet operation:
StackSet AWSControlTowerBP-BASELINE-CONFIG not found
To Reproduce
Steps to reproduce the behavior:
-
Cloned the repository.
-
Exported temporary AWS credentials (via IAM Identity Center, using the AWSAdministratorAccess permission set).
-
Ran terraform apply to deploy the common solution.
Note: The terminal session did not have the AWS_REGION environment variable set, nor any region configuration via CLI or environment.
It appears the data.aws_region.current resource used here is not reliably identifying the Control Tower home region. This automatic detection appears flawed in my set up.
Suggested Fix
Introduce a new Terraform variable, e.g. aws_home_region, that allows users to explicitly specify the Control Tower home region. This is more robust than relying on inferred defaults which may vary between environments.
Additionally, update the documentation to highlight that:
AWS_REGION or the new aws_home_region variable should be explicitly set before deployment.
Without setting the correct region, deployments may fail silently or with misleading errors.
Expected Behavior
The Common Solution should reliably deploy in the Control Tower home region. It should not assume or infer the region without a way for users to override it. Providing a configurable region variable will improve reliability and user experience.