Another cloudformation question - I’m using a nested stack in my template, and it specifies a template URL - I want to use a template in a non public s3 url that we own. is there a different url syntax for this? Im getting an access denied error as though its trying to download from a public endpoint
The S3 bucket in question would need a bucket policy which allows the consuming account access
The stack is being executed within the same account, isn’t that accessible by default?
Yeah, as long as your role has access it should work
Or the role being used to deploy the cfn stack
Hmm, ah, user error. I was specifying the wrong bucket. the error surfaced confusingly as “access denied” rather than “object not found”
Thanks for sanity checking with me
Yeah, by default S3 gives you 403 instead of 404 if you don’t have access to the bucket in question, so you can’t fish for object names
