Role does not have permission for AWS service: AmazonAutoScaling

1

I've been trying to get the Blue/Green deployment scenario working for a day now without much luck. I've been able to use a role and deploy to an Auto Scaling Group successfully not using Blue Green, but when I try that scenario, during deployment, I get the following permission error:

"The IAM role <my role> does not give you permission to perform operations in the following AWS service: AmazonAutoScaling. Contact your AWS administrator if you need help. If you are an AWS administrator, you can grant permissions to your users or groups by creating IAM policies."

My role <my role> is a simple role that has the "AWSCodeDeployRole" attached to it. In CloudTrail, I do see an "AccessDeniedException" for event name "CreateAutoScalingGroup", however, that permission appears to be in the AWSCodeDeployRole as "autoscaling:CreateAutoScalingGroup".

Has anyone run into this? Am I missing some extra policy that needs to be attached to my role?

질문됨 5년 전1173회 조회
1개 답변
0

I figured out the 2 permissions needed to get past this error, I created the policy below and attached it to the Code Deploy role:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "iam:PassRole",
                "ec2:RunInstances"
            ],
            "Resource": "*"
        }
    ]
}

Edited by: mguignard on Jan 22, 2019 4:38 AM

답변함 5년 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠