Skip to content

[BUG] - rMacieOrgLambdaCustomResource timed out because it reached the sra-macie-org Lambda function's 15-minute limit #319

New issue
New issue
Open
Open
[BUG] - rMacieOrgLambdaCustomResource timed out because it reached the sra-macie-org Lambda function's 15-minute limit#319
Labels
bugSomething isn't working
@Nguyen-Dang-Huynh

Description

@Nguyen-Dang-Huynh
Nguyen-Dang-Huynh
opened on Oct 9, 2025

Describe the bug

rMacieOrgLambdaCustomResource timed out because it reached the Lambda function's 15-minute limit

To Reproduce

We have over 100 accounts with 10 regions need to enabling Macie / add member through Macie delegated administrator account
And the above lambda function got timed out after 15 minutes
Then the rMacieOrgLambdaCustomResource got failures status

Expected behavior

Would like to hear any solutions for this.

Should we just remove the rMacieOrgLambdaCustomResource from the templates?

If we remove it, it looks like we will be unable to deliver the S3 object of automated-sensitive-data-discovery results to the centralize PUBLISHING_DESTINATION_BUCKET_NAME, which we currently set to a different logs account (not the Macie delegated administrator account).

Screenshots

N/A

Deployment Environment (please complete the following information)

  • Deployment Framework: Customizations for Control Tower and CloudFormation StackSets
  • Deployment Framework Version: 2.8.3

Additional context

N/A

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions