rox*_*ens 2 amazon-s3 amazon-web-services aws-codepipeline aws-codebuild
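I am trying to set up a pipeline in AWS CodePipeline, and after a change in CodeCommit triggers it, CodeBuild starts. It executes the commands stated in the buildspec.yaml file, but fails when syncing the contents to the S3 bucket.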
Currently, I have attached the AmazonS3FullAccess policy to the corresponding CodeBuild service role, but it gives the following error:
[Container] 2020/03/20 16:13:22 Running command aws s3 sync ./dist/ProjectName/ s3://project-name-dev
fatal error: An error occurred (AccessDenied) when calling the ListObjectsV2 operation: Access Denied
What could be the problem?
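Writing objects to an S3 bucket requires permissions in 2 places:
Since you have added "AmazonS3FullAccess" to the CodeBuild service role, please check whether the bucket policy does not allow the CodeBuild role to write. You can add the following bucket policy on the bucket to resolve this: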
    {
        "Sid": "Stmt1561445614665",
        "Effect": "Allow",
        "Principal": {
            "AWS": "arn:aws:iam::<Account_Number>:role/service-role/<your-codebuild-service-role>"   <===== Update with your codebuild service role ARN
        },
        "Action": "s3:*",
        "Resource": [
            "arn:aws:s3:::bucketname",     <===== Update with your bucket name
            "arn:aws:s3:::bucketname/*"    <===== Update with your bucket name
        ]
    }
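An added example, not part of the original answer: a simplified Python check of whether a bucket policy covers the `ListObjectsV2` call that failed above, which S3 authorizes as `s3:ListBucket` on the bucket ARN itself rather than on `bucket/*`. It also builds a narrower alternative to `s3:*` for an upload-only `aws s3 sync` without `--delete`. The account number, role name and all function names are constructed for illustration.

```python
import fnmatch

# Constructed sample values, not taken from a real account.
ROLE = "arn:aws:iam::111122223333:role/service-role/example-codebuild-role"
BUCKET = "arn:aws:s3:::project-name-dev"

def _as_list(v):
    return v if isinstance(v, list) else [v]

def _matches(value, patterns):
    # IAM wildcards are * and ?, which fnmatch also understands.
    return any(fnmatch.fnmatchcase(value, p) for p in _as_list(patterns))

def bucket_policy_decision(policy, role_arn, action, resource):
    """Return "Deny", "Allow" or "NoMatch" (bucket policy silent: the role's
    IAM policy decides in the same account, the request fails cross-account).
    Simplified: Condition, NotAction, NotResource, NotPrincipal are ignored."""
    decision = "NoMatch"
    for stmt in _as_list(policy.get("Statement", [])):
        principal = stmt.get("Principal", {})
        who = _as_list(principal.get("AWS", []) if isinstance(principal, dict) else principal)
        if role_arn not in who and "*" not in who:
            continue
        actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
        if not _matches(action.lower(), actions):
            continue
        if not _matches(resource, stmt.get("Resource", [])):
            continue
        if stmt.get("Effect") == "Deny":
            return "Deny"  # an explicit deny overrides any allow
        decision = "Allow"
    return decision

def _allow(role_arn, actions, resource):
    return {"Effect": "Allow", "Principal": {"AWS": role_arn},
            "Action": actions, "Resource": resource}

def sync_upload_policy(role_arn, bucket_arn):
    """Bucket policy scoped to what an upload-only `aws s3 sync` calls."""
    return {"Version": "2012-10-17", "Statement": [
        _allow(role_arn, "s3:ListBucket", bucket_arn),        # ListObjectsV2
        _allow(role_arn, "s3:PutObject", bucket_arn + "/*"),  # uploads
    ]}

def objects_only_policy(role_arn, bucket_arn):
    """s3:* granted on objects only; the bucket ARN itself is not covered."""
    return {"Version": "2012-10-17", "Statement": [
        _allow(role_arn, "s3:*", bucket_arn + "/*")]}
```

A "Deny" result for `s3:ListBucket` points at an explicit deny statement in the bucket policy, which no IAM policy attached to the role can override.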