We don’t have resources deployed in every AWS region. As a result, we sometimes see errors such as:
Failed to execute resync function, error: Failed to fetch AWS::ResourceGroups::Group in 1 regions for account 953721827634. Failed regions: eu-west-3
In this example, the error occurs because we don’t have any resource groups in eu-west-3.
To work around this, we add the eu-west-3 region to the deny region policy.
However, this means that if resources are created in a region on the deny list in the future, they would be completely excluded from the inventory.
We don't necessarily mind the errors, but the errors stop the reconciliation step from running at the end of each sync.
This means that we don't end up deleting entities created by the AWS integration, causing us to end up with almost 200k AWS resources in our production org (we only have about 5k in actuality).
We want to be able to leave the deny region policy unconfigured so that this does not happen, and to have this error be non-blocking, so that the integration sync succeeds and the reconciliation step can run.
Created by Haim Natan
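A sketch of the behaviour requested above, added here as an illustration and not the integration's own code: a per-region fetch failure is recorded instead of aborting the sync, and reconciliation still runs but deletes stale entities only in regions that were fetched successfully. The names `resync`, `RegionFetchError`, `fetch` and `demo`, the entity ids and the inventory are hypothetical, constructed sample data.

```python
class RegionFetchError(Exception):
    """Raised by the (hypothetical) fetcher when one region cannot be queried."""


def resync(kind, regions, fetch, inventory):
    """Sync one resource kind across regions without letting one region block the rest.

    fetch(kind, region) -> iterable of entity ids, or raises RegionFetchError.
    inventory maps entity id -> region for entities created by earlier syncs.
    """
    seen, synced_regions, failed_regions = set(), set(), []
    for region in regions:
        try:
            ids = set(fetch(kind, region))
        except RegionFetchError:
            failed_regions.append(region)  # report it, keep going
            continue
        synced_regions.add(region)
        seen |= ids

    # Reconciliation always runs, but only over regions that answered:
    # a failed fetch says nothing about what exists there, so nothing is deleted.
    stale = {eid for eid, region in inventory.items()
             if region in synced_regions and eid not in seen}
    return {"upserted": seen, "deleted": stale, "failed_regions": failed_regions}


def demo():
    # Constructed sample data, not taken from a real account.
    live = {"us-east-1": ["group/app"], "eu-west-1": ["group/data"]}

    def fetch(kind, region):
        if region == "eu-west-3":
            raise RegionFetchError(f"Failed to fetch {kind} in {region}")
        return live[region]

    inventory = {
        "group/app": "us-east-1",
        "group/old": "us-east-1",      # deleted in AWS, still in the inventory
        "group/data": "eu-west-1",
        "group/unknown": "eu-west-3",  # region failed, so this one is kept
    }
    return resync("AWS::ResourceGroups::Group",
                  ["us-east-1", "eu-west-1", "eu-west-3"], fetch, inventory)


if __name__ == "__main__":
    print(demo())
```

Scoping deletes to successfully fetched regions keeps a transient regional failure from wiping real inventory while still clearing stale entities everywhere else.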