Error creating CodeBuild project - CodeBuild is not authorized to perform...

0

Hello Everyone, I am trying to build a codebuild CI/CD project on AWS with CodePipeline and Terraform. In fact I am trying to replicate this repo [https://github.com/davoclock/aws-cicd-pipeline] following along with the instructions in this video https://www.youtube.com/watch?v=JwTP3wZHYnU.

When I try to run terraform apply after setting up my pipeline, I get the following error "Error creating CodeBuild project: InvalidInputException: CodeBuild is not authorized to perform: sts:AssumeRole on arn:aws:iam::xxxxxxxxxxxx:role/tf-codebuild-role"

I will greatly appreciate any help with resolving this.

1 Answer
0
Accepted Answer

Can you check if your IAM role tf-codebuild-role has the correct trust policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-managingrole-editing-console.html#roles-managingrole_edit-trust-policy)?

It should grant codebuild permission to assume it, i.e.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "sts:AssumeRole"
            ],
            "Principal": {
                "Service": [
                    "codebuild.amazonaws.com"
                ]
            }
        }
    ]
}
answered 2 years ago
profile picture
EXPERT
reviewed 6 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions