Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

"mcurrent credentials could not be used to assume *** role" error during amolify deployment

0

I am trying to follow the get started tutorial of Amplify gen. 2 (I never used Amplify before) and, when I launch the deployment, I get always a build failure. I noticed in the log several issues like this:

2025-02-24T15:48:32.584Z [INFO]: current credentials could not be used to assume 'arn:aws:iam::381:role/cdk--deploy-role-*********381-eu-west-1', but are for the right account. Proceeding anyway.

Consider that I am using the Amplify Console and the user I am loggin in with is an Administrator, i.e. it belongs to the Administrators group for which the following policy (AdministratorAccess) has been set:

{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "", "Resource": "" } ] }

Beside this issue I get also other warnings (some deprecated modules) but I suppose the main problem is this.

Can anyone help maybe? Thnak you!

Topics
Front-End Web & MobileSecurity, Identity, & Compliance
Tags
AWS Identity and Access ManagementIAM PoliciesAWS Amplify
Language
English
asked a year ago194 views
2 Answers
1

The issue you're experiencing is related to IAM role permissions and trust relationships. Even though you're logged in as an Administrator, there might be a problem with the trust policy of the role that Amplify is trying to assume.

To resolve this issue, you should:

  1. Check the trust relationship of the IAM role that Amplify is trying to assume. The trust policy should allow the Amplify service to assume the role. You may need to update it to include both the specific regional Amplify service and the general Amplify service.

  2. Ensure that the trust policy of the role includes the following:

    { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": ["amplify.amazonaws.com", "amplify.eu-west-1.amazonaws.com"] }, "Action": "sts:AssumeRole" } ] }

  3. Verify that all AWS resources related to your Amplify app are in the same region (eu-west-1 in this case).

  4. Review the IAM role associated with your Amplify app and ensure it has the correct permissions, including AdministratorAccess and AdministratorAccess-Amplify policies.

  5. Check if there are any inline policies attached to the role that might be restricting access.

  6. Review your CloudTrail logs for any denied API calls related to AssumeRole actions.

If the issue persists after these steps, you may need to:

  • Invalidate the cache or deploy a fresh version of the app.
  • Double-check your Amplify Hosting settings, particularly around custom domains and redirects.
  • Consider reaching out to AWS Support for more specific assistance if the problem continues.

Remember that even though you have administrator access, the specific role Amplify is trying to assume may have different permissions or trust relationships that need to be configured correctly for the deployment to succeed.
Sources
Unable to Assume IAM Role in AWS Amplify Deployment | AWS re:Post
on amplify react app deploy issue | AWS re:Post

answered a year ago
EXPERT
reviewed a year ago
0

I have checked all of above but still I can't get my app deployed. Currently I have a free tier account. How can I get in touch with AWS Support? In the support center there is no option (at least with my subscription) to get support about AWS amplify. Thanks

answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content