- Newest
- Most votes
- Most comments
Hi, I added these roles AWSElasticBeanstalkWebTier, AWSElasticBeanstalkWorkerTier, AWSElasticBeanstalkMulticontainerDocker still I am getting the same error. Can anyone please help?
Hi,
The event log suggests that the aws-elasticbeanstalk-ec2-role
does not exist, although AWS should create it when you launch an environment using the Elastic Beanstalk console or the EB CLI. Can you verify that it is so in the IAM console? It seems that some users are experiencing this problem with the new console, but also with the CLI when your IAM user hasn't permissions to create roles
If so, create it yourself, attach AWSElasticBeanstalkWebTier
, AWSElasticBeanstalkWorkerTier
, AWSElasticBeanstalkMulticontainerDocker
policies to it, and specify Amazon EC2 as a trusted entity in the trust relationship policy.
Thanks a lot Mikel, It worked!!
I found the reason, AWS is creating role with name 'aws-elasticbeanstalk-service-role' during Launch of new environment which is not as 'aws-elasticbeanstalk-ec2-role'. After creating manually role with name 'aws-elasticbeanstalk-ec2-role' it works.
I found this by way of Reddit and StackOverflow, hopefully it helps you and/or someone else.
Steps to manually create an instance profile:
search for "IAM" Users>Add users>username>set permissions select Attach policies directly and add these 4 permissions (AdministratorAccess, AWSElasticBeanstalkMulticontainerDocker, AWSElasticBeanstalkWebTier, AWSElasticBeanstalkWorkerTier) [create a Role]
Roles>create role>{entity type: AWS service, use case: EC2>permissions:same as above} [link Role to the User using the user ARN we just created]
Select Role>Trust relationships>Edit trust policy>Add a principal - {principal type: IAM Roles, ARN: user arn}>Update Policy [Create a new environment]
Service access - (use an existing service role - {existing service role: Role_created, EC2 instance profile: Role_created})
An easier approach is to manually create an Elastic Beanstalk environment manually in the AWS console. I chose a "Ruby" sample application named "roles", and it will create the roles you need. Just delete the environment once it is finished creating.
I do not know why eb create
does not do this, as it should.
Relevant content
- Accepted Answerasked a year ago
- asked 8 months ago
- AWS OFFICIALUpdated a year ago
- How do I mount an Amazon EFS volume to an application directory in an Elastic Beanstalk environment?AWS OFFICIALUpdated 3 months ago
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 5 months ago
when you create the role, you have to make sure it is named: aws-elasticbeanstalk-ec2-role with no whitespaces, etc. If that still doesn't work, check your configuration: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html
In Configure Service Access > EC2 Instance Profile - give the role there as well