Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

Role does not have permission for AWS service: AmazonAutoScaling

1

I've been trying to get the Blue/Green deployment scenario working for a day now without much luck. I've been able to use a role and deploy to an Auto Scaling Group successfully not using Blue Green, but when I try that scenario, during deployment, I get the following permission error:

"The IAM role <my role> does not give you permission to perform operations in the following AWS service: AmazonAutoScaling. Contact your AWS administrator if you need help. If you are an AWS administrator, you can grant permissions to your users or groups by creating IAM policies."

My role <my role> is a simple role that has the "AWSCodeDeployRole" attached to it. In CloudTrail, I do see an "AccessDeniedException" for event name "CreateAutoScalingGroup", however, that permission appears to be in the AWSCodeDeployRole as "autoscaling:CreateAutoScalingGroup".

Has anyone run into this? Am I missing some extra policy that needs to be attached to my role?

Tópicos
Ferramentas do desenvolvedor
Tags
AWS CodeDeploy
Idioma
English
mguignard
feita há 5 anos1230 visualizações
1 Resposta
0

I figured out the 2 permissions needed to get past this error, I created the policy below and attached it to the Code Deploy role:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "iam:PassRole",
                "ec2:RunInstances"
            ],
            "Resource": "*"
        }
    ]
}

Edited by: mguignard on Jan 22, 2019 4:38 AM

mguignard
respondido há 5 anos

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante