Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

Role does not have permission for AWS service: AmazonAutoScaling

1

I've been trying to get the Blue/Green deployment scenario working for a day now without much luck. I've been able to use a role and deploy to an Auto Scaling Group successfully not using Blue Green, but when I try that scenario, during deployment, I get the following permission error:

"The IAM role <my role> does not give you permission to perform operations in the following AWS service: AmazonAutoScaling. Contact your AWS administrator if you need help. If you are an AWS administrator, you can grant permissions to your users or groups by creating IAM policies."

My role <my role> is a simple role that has the "AWSCodeDeployRole" attached to it. In CloudTrail, I do see an "AccessDeniedException" for event name "CreateAutoScalingGroup", however, that permission appears to be in the AWSCodeDeployRole as "autoscaling:CreateAutoScalingGroup".

Has anyone run into this? Am I missing some extra policy that needs to be attached to my role?

Themen
Entwicklertools
Tags
AWS CodeDeploy
Sprache
English
mguignard
gefragt vor 5 Jahren1230 Aufrufe
1 Antwort
0

I figured out the 2 permissions needed to get past this error, I created the policy below and attached it to the Code Deploy role:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "iam:PassRole",
                "ec2:RunInstances"
            ],
            "Resource": "*"
        }
    ]
}

Edited by: mguignard on Jan 22, 2019 4:38 AM

mguignard
beantwortet vor 5 Jahren

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt