DeploymentBucket not working when not in us-east-1

We have a IAM policy that allows resources only in us-west-2 region.

Whenever I run ‘sls deploy’ telling the framework to use a pre-existing bucket with:

          name:  mydeployment-bucket-in-us-west-2 

it uploads the zip files to the bucket, so far so good.
But when AWS cloud-formation validates the stack creation it fails with the error:

Error: The CloudFormation template is invalid: S3 error: The bucket you are attempting to access must be addressed using the specified endpoint. Please send all future requests to this endpoint.

The framework is trying to access the template from this URL…/compiled-cloudformation-template.json

while the correct URL for us-west-2 would be…/compiled-cloudformation-template.json

Am I forgetting something in serverless, or is this a bug/unsupported feature?

Update: removing a policy that required MFA (multi factor authentication) for that user made SLS work.
Having a MFA requirement on a user apparently can mess up API access.

1 Like

This appears to be the case with SourceIp restrictions as well… which is disappointing.